Software inventory across your fleet (workstations, servers, network gear). Daily CVE feed check matched against your inventory. Patch-urgency ranking (critical exposed → high internal → medium → low). Compliance reports (PCI, HIPAA, SOC 2 patching SLAs). For IT managers at 20-500 seat companies tired of tab-juggling CVE sites.
Per host: OS, installed apps + versions. Auto-ingest from CSV (export from Intune / JAMF / Ansible), or manual. Covers workstations, servers, network gear, firewalls.
Daily NIST NVD + vendor advisory pull. Matched against your inventory. Only CVEs affecting your actual stack surface in the dashboard. No 200-email-a-day CVE noise.
Critical + exposed (CVSS 9+, internet-facing): patch today. High + internal (CVSS 7-9, internal): patch this week. Medium (4-7): patch cycle. Low: patch when convenient. Ranked list top-of-dashboard.
Per compliance framework: PCI 30 days for critical, HIPAA no fixed but "reasonable," SOC 2 per your policy. See which assets are out of SLA. Audit-ready report export.
New critical CVE matching your inventory: email + Slack. Weekly summary: patched vs outstanding. Monthly compliance report for your CTO/CFO.
Flask + SQLite. Your inventory + CVE match data stays on your server. Not sold to attackers via a SaaS vendor breach.
Hosted plans are early-access. Self-host today; email tim@dangercorn.net to join the waitlist.
patchwatch is one of 220+ verticals scaffolded from the same template. Each gets a working skeleton for free; individual ones get promoted to full products as demand surfaces.