Jerry Gamblin / RogoLabs

The vulnerability intelligence system is broken.
Here's how to fix it.

Open-source tools and research for security teams who need signal, not noise.

RogoLabs

RogoLabs builds open-source tools that make vulnerability intelligence actionable. The name comes from the Latin rogo — "I ask" — the root of "interrogate." The mission is to relentlessly question vulnerability data to reveal what actually requires attention.

The problem isn't a shortage of CVE data. It's that most security teams are drowning in it — CVSS scores without context, feeds without signal, patch lists without priority. Every tool in the RogoLabs toolkit is designed to cut through that noise: visualize what's happening, predict what's coming, and prioritize what matters.

All tools are free and open-source. No vendor lock-in, no hidden costs — because better security tooling should be available to everyone, not just organizations that can afford enterprise contracts.

— Jerry Gamblin

The RogoLabs Toolkit

One mission — make vulnerability intelligence actionable.

CVE.ICU
Real-time CVE visualization dashboard updated every 4 hours from the NVD, with interactive charts revealing vulnerability patterns and trends.
Dashboard

PatchThis.app
Risk-based patch prioritization that ranks patches by actual exploitability and exposure, not just CVSS scores.
Prioritization

CVEforecast
ML-powered CVE volume forecasting using an ensemble of statistical, machine learning, and deep learning models to predict what's coming next.
Predictive

CNA Scorecard
Data-driven quality ratings for all 512 CVE Numbering Authorities, based on completeness, accuracy, and timeliness of their CVE records.
Quality

CNAPulse
Monitors all 512 CNAs, tracking publishing activity and comparing 30-day output against 12-month baselines. Updated every 3 hours.
Monitoring

VulnRadar
GitHub-native CVE monitoring for your stack. Matches CVEs against a watchlist, enriches with KEV, EPSS, NVD, and PatchThis, and posts issues. Runs on GitHub Actions.
GitHub Action

CVE Updates
Automated analysis of 300K+ CVE records revealing update frequencies, historical trends, and the most actively maintained vulnerabilities. Updated every 4 hours.
Analytics

CVE.ICU Splunk TA
High-performance Splunk Technology Add-on ingesting the full CVE List V5 with hourly delta updates and EPSS and KEV enrichment for enterprise vulnerability management.
Splunk

Talks

Conference presentations on vulnerability intelligence, CVE ecosystem health, and data-driven security.

Apr 2026 · VulnCon 2026 · Scottsdale, AZ
CVE Decaf: Brewing Better and More Actionable Data Quality

Introduces the Data Quality Assessment Framework (DQAF — pronounced "decaf"), a structured approach to measuring CVE data quality across completeness, accuracy, consistency, and machine-usability. The framework separates record design quality from record instance quality, enabling CNAs, NVD, and downstream consumers to benchmark their vulnerability data output. With Jay Jacobs (Empirical Security).

Feb 2026 · BSides Galway · Galway, IE
Open Source Intelligence on a Budget: Building Your Own Vulnerability Radar

A builder session showing how to create a self-sustaining vulnerability radar using open-source tooling and the architecture patterns behind the RogoLabs toolkit.

Dec 2025 · Black Hat EU · London, UK
The Post-NVD Era: A Call for Global CVE Decentralization

Examining the critical need for CVE ecosystem decentralization in response to NVD challenges, exploring global alternatives and pathways toward a more resilient, distributed vulnerability intelligence infrastructure.

Nov 2025 · BSides Munich · Munich, DE
Navigating the Volatile Vulnerability Landscape

Analysis of strain in global vulnerability disclosure — CVE funding challenges and NVD backlog — and strategies for resilient, diversified vulnerability intelligence using emerging alternative sources.

Sep 2025 · Vuln4cast · Darwin College, Cambridge, UK
A Time Series Approach to Predicting CVE Volume

Introduces CVEforecast.org and an ensemble approach — statistical, ML, deep learning, and CNA-specific forecasting — to shift vulnerability management from reactive response to predictive planning.

Aug 2025 · AppSec Village @ DEF CON 33 · Las Vegas, NV
CVE Crisis: State of the Vulnerability Disclosure Landscape

State-of-the-landscape analysis covering NVD backlog dynamics, CVE program funding stress, assignment consistency, and the emergence of alternative global vulnerability data sources and their operational impact.

Aug 2025 · BSidesLV · Las Vegas, NV
The Art of Concealment: CVE's Challenge with Transparency

Exploration of transparency gaps in CVE processes and their impact on vulnerability ecosystem trust and efficiency.

Apr 2025 · VulnCon · Raleigh, NC
The Quality Imperative for CVEs

Empirical analysis of CNA performance gaps and methods to raise vulnerability reporting quality across the ecosystem.

Aug 2024 · AppSec Village @ DEF CON 32 · Las Vegas, NV
Using EPSS for Better Vulnerability Management

Case studies on operationalizing EPSS to reduce patch workload while preserving risk coverage.