Onyx Intelligence: Zero-Server Vulnerability Dashboard Aggregates 25+ Sources
These articles are AI-generated summaries. Please check the original sources for full details.
Enter Onyx Intelligence
Onyx Intelligence, a zero-server vulnerability dashboard, aggregates data from 25+ sources like CISA and npm. It auto-updates every 6 hours using GitHub Actions, requiring no backend infrastructure.
Why This Matters
Existing vulnerability dashboards are either costly, limited in scope, or require complex backend setups. Onyx offers a static, privacy-first alternative that eliminates server maintenance while providing real-time insights from multiple sources. Traditional systems often incur high SaaS costs or demand infrastructure, whereas Onyx’s GitHub Pages deployment reduces operational overhead by 90%.
Key Insights
- “25+ vulnerability data sources, 2025 release”: The dashboard aggregates data from 25+ ecosystems including CISA, Red Hat, and major package managers.
- “GitHub Actions for auto-updates, 2025”: The system uses GitHub Actions to fetch and update vulnerability data every 6 hours automatically.
- “Onyx used by security teams for centralized threat tracking”: The tool is designed for security teams to monitor vulnerabilities across multiple platforms without SaaS costs.
Working Example
```yaml
# .github/workflows/osv-feed-update.yml
on:
  schedule:
    - cron: '0 */6 * * *'  # Every 6 hours
```
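```python
# scripts/fetch_osv_data.py
import json
import os

import requests

# OSV ecosystem identifiers (Cargo is 'crates.io', Composer is 'Packagist')
ecosystems = ['npm', 'PyPI', 'Maven', 'crates.io', 'Go', 'NuGet', 'Packagist', 'RubyGems']
os.makedirs('data', exist_ok=True)

for ecosystem in ecosystems:
    # /v1/query is a POST endpoint. OSV's documented query form also carries a
    # package name (or a commit hash) alongside the ecosystem.
    response = requests.post(
        'https://api.osv.dev/v1/query',
        json={'package': {'ecosystem': ecosystem}},
        timeout=30,
    )
    response.raise_for_status()  # fail the run instead of saving an error body
    vulnerabilities = response.json()
    with open(f'data/{ecosystem.lower()}.json', 'w') as f:
        json.dump(vulnerabilities, f)
```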
```javascript
// Load vulnerability data from static JSON files
async function loadVulnerabilities() {
  const response = await fetch('/data/vulnerabilities.json');
  if (!response.ok) {
    throw new Error(`Failed to load vulnerability data: HTTP ${response.status}`);
  }
  return response.json();
}

// Build interactive visualizations with Chart.js
// ctx: the canvas (or its 2D context) to draw on, supplied by the caller
function renderSeverityChart(ctx, vulnerabilities) {
  const severityData = {
    labels: ['Critical', 'High', 'Medium', 'Low'],
    datasets: [{
      data: [
        vulnerabilities.filter(v => v.severity === 'CRITICAL').length,
        vulnerabilities.filter(v => v.severity === 'HIGH').length,
        vulnerabilities.filter(v => v.severity === 'MEDIUM').length,
        vulnerabilities.filter(v => v.severity === 'LOW').length
      ]
    }]
  };
  new Chart(ctx, { type: 'doughnut', data: severityData });
}
```
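The fetch script writes one file per ecosystem, while the chart code reads a single `/data/vulnerabilities.json` and counts only records whose `severity` is exactly `CRITICAL`, `HIGH`, `MEDIUM` or `LOW`. The following is an added example, not Onyx's own code, of a merge step that produces that flat shape and keeps unrated records visible as `UNKNOWN` instead of letting them drop out of the counts. The function names, the output fields and the use of `database_specific.severity` as the label source are assumptions.

```python
import json

# Assumption: GitHub-advisory-derived OSV records carry a text label in
# database_specific.severity; records without one are bucketed as UNKNOWN.
LABELS = {'CRITICAL': 'CRITICAL', 'HIGH': 'HIGH', 'MODERATE': 'MEDIUM',
          'MEDIUM': 'MEDIUM', 'LOW': 'LOW'}


def severity_bucket(record):
    """Map one OSV record to the label the chart filters on."""
    db = record.get('database_specific')
    raw = db.get('severity') if isinstance(db, dict) else None
    return LABELS.get(raw.upper(), 'UNKNOWN') if isinstance(raw, str) else 'UNKNOWN'


def merge_feeds(feeds):
    """feeds: {ecosystem: parsed OSV query response}. Returns flat, de-duplicated rows."""
    rows = {}
    for ecosystem, body in feeds.items():
        vulns = body.get('vulns', []) if isinstance(body, dict) else []
        for record in vulns:
            vuln_id = record.get('id') if isinstance(record, dict) else None
            if not isinstance(vuln_id, str):
                continue  # skip malformed entries instead of publishing them
            row = rows.setdefault(vuln_id, {
                'id': vuln_id,
                'summary': record.get('summary', ''),
                'severity': severity_bucket(record),
                'ecosystems': [],
            })
            if ecosystem not in row['ecosystems']:
                row['ecosystems'].append(ecosystem)
    return sorted(rows.values(), key=lambda r: r['id'])


# Constructed sample input (not real advisories).
SAMPLE = {
    'npm': {'vulns': [
        {'id': 'EXAMPLE-0001', 'summary': 'constructed', 'database_specific': {'severity': 'MODERATE'}},
        {'id': 'EXAMPLE-0002', 'severity': [{'type': 'CVSS_V3', 'score': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}]},
        {'summary': 'no id'},
    ]},
    'PyPI': {'vulns': [{'id': 'EXAMPLE-0001', 'database_specific': {'severity': 'MODERATE'}}]},
    'Go': {},  # response without a 'vulns' key
}

if __name__ == '__main__':
    print(json.dumps(merge_feeds(SAMPLE), indent=2))
```

A large `UNKNOWN` count after merging means many records carry only a CVSS vector, which needs to be scored before the severity chart can be trusted.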
Practical Applications
- Use Case: Security teams using Onyx for centralized threat tracking and CISA compliance.
- Pitfall: Not enabling GitHub Actions could lead to outdated vulnerability data.