Create a vulnerability management interface that:
- Parses security scan data into a sortable and searchable table
- Checks against CISA's public "known exploited vulnerabilities (kev) catalog"
- allows users to dismiss CVEs
Create a component that ingests and parses security scan results from Trivy, use the scan-results.json also attached
Build a data table following the provided Figma designs that shows:
- Vulnerability ID (CVE)
- Package name and version
- Severity level
- Description
- Any other relevant fields from the scan data
Design Requirements:
- Follow the provided Figma mockups
- Implement responsive design
- Include sorting and filtering capabilities
- Handle large datasets efficiently
Enhance the vulnerability data by retrieving the latest CISA Known Exploited Vulnerabilities (KEV) Catalog to identify what if any of the scanned vulnerabilities are known to be actively exploited.
Add functionality to "dismiss" vulnerabilities:
- Add a dismiss action to each table row
- Track dismissed status (local state is fine)
- Provide visual indication of dismissed items
- Allow filtering to show/hide dismissed vulnerabilities
If you have any additional functionality you want to add that you think would be interesting feel free to do it!
- Framework: React with TypeScript (already configured)
- Routing: TanStack Router (already configured)
- Styling: Your choice - we've included no CSS framework intentionally
- HTTP Client: Your choice (fetch, axios, etc.)
-
clone skeleton
git clone https://github.com/second-front/react-skeleton
-
Install dependencies:
npm install
-
Start development server:
npm run dev
-
Import sample data:
- Sample Trivy scan file is attached as scan_results.json or can be generated manually with the public trivy docker image and Damn Vulnerabile Web App trivy installation docs (optional)
docker pull vulnerables/web-dvwa trivy image --format json --output scan-results.json vulnerables/web-dvwa
- Figma designs are linked
here
- Clean, readable, and well-organized code
- Proper TypeScript usage
- Component structure and reusability
- Error handling and edge cases
- All requirements implemented and working
- Smooth user experience
- Proper data parsing and API integration
- Effective state management
- Faithful implementation of Figma designs
- Responsive and accessible interface
- Thoughtful UX decisions
- Visual polish and attention to detail
- Appropriate technology choices
- Code organization and architecture
/sample-data/- Example vulnerability scan outputs- CISA KEV: https://www.cisa.gov/known-exploited-vulnerabilities-catalog