Talk E-2: Project Achilles - a novel Vulnerability Management System

In an ever-evolving digital landscape, the role of Computer Security Incident Response Teams (CSIRTs) has become paramount in safeguarding critical infrastructure and ensuring cybersecurity compliance. In this paper, we discuss how CSIRT.SK has developed the Achilles system to fulfill its obligations and assist in protecting the team's constituency. The paper describes the design of the Achilles system, its features, and practical usage examples. It focuses on how Achilles is used at CSIRT.SK to help identify and remediate security vulnerabilities and protect the digital infrastructure of CSIRTS's constituency. Challenges encountered during the tool's development and deployment are explored along with ideas for further improvements. We hope that this article can act as an inspiration for other CSIRT teams on how security scanners can be integrated into larger systems to help manage vulnerabilities in systems belonging to their constituents.