kpingul/dependalyzer
dependalyzer

Purpose

One of the biggest problems with Dependabot is that you can't get an aggregate view of all the vulnerable dependencies across all your repositories. Teams would have to manually visit each repository and view the findings one by one. At the end of the day, this does not scale. The goal of this project is to solve that. This project aggregates all the Dependabot findings using GitHub's GraphQL API, scans across the entire organization's repositories, and uses data visualizations to help teams understand and prioritize the overall vulnerable dependencies across their organization. In addition, I'm also pulling down CISA's Known Exploited Vulnerabilities (KEV) feed and cross-checking it with the CVEs detected by Dependabot.
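As an added illustration of the aggregation and KEV cross-check described above (example code, not from the dependalyzer project): it assumes the GraphQL response shape of GitHub's `vulnerabilityAlerts` connection and the `vulnerabilities[].cveID` layout of CISA's KEV JSON feed, and embeds constructed sample data with placeholder CVE ids in place of live API calls.

```python
"""Aggregate Dependabot alerts across an org and flag the ones on CISA's KEV list."""

# Constructed sample in the shape of a GitHub GraphQL response for
#   organization { repositories { nodes { name vulnerabilityAlerts { nodes {
#     securityVulnerability { severity package { name ecosystem }
#       advisory { identifiers { type value } } } } } } } }
# CVE and GHSA ids below are placeholders, not real vulnerabilities.
SAMPLE_GRAPHQL = {"data": {"organization": {"repositories": {"nodes": [
    {"name": "billing-api", "vulnerabilityAlerts": {"nodes": [
        {"securityVulnerability": {"severity": "HIGH",
            "package": {"name": "examplelib", "ecosystem": "PIP"},
            "advisory": {"identifiers": [{"type": "GHSA", "value": "GHSA-xxxx-xxxx-xxxx"},
                                         {"type": "CVE", "value": "CVE-0000-00001"}]}}}]}},
    {"name": "web-frontend", "vulnerabilityAlerts": {"nodes": [
        {"securityVulnerability": {"severity": "CRITICAL",
            "package": {"name": "examplejs", "ecosystem": "NPM"},
            "advisory": {"identifiers": [{"type": "CVE", "value": "CVE-0000-00002"}]}}},
        {"securityVulnerability": {"severity": "HIGH",
            "package": {"name": "examplelib", "ecosystem": "PIP"},
            "advisory": {"identifiers": [{"type": "CVE", "value": "CVE-0000-00001"}]}}}]}},
]}}}}
# Constructed sample of CISA's KEV JSON feed; only cveID is used here.
SAMPLE_KEV = {"vulnerabilities": [{"cveID": "CVE-0000-00001", "dueDate": "1900-01-01"}]}

SEVERITY_RANK = {"CRITICAL": 0, "HIGH": 1, "MODERATE": 2, "LOW": 3}

def kev_cves(kev_feed):
    """Set of CVE ids CISA lists as known exploited."""
    return {v["cveID"] for v in kev_feed["vulnerabilities"]}

def flatten_alerts(gql_response):
    """One row per (repo, alert) from the nested GraphQL response."""
    rows = []
    for repo in gql_response["data"]["organization"]["repositories"]["nodes"]:
        for alert in repo["vulnerabilityAlerts"]["nodes"]:
            vuln = alert["securityVulnerability"]
            rows.append({"repo": repo["name"], "severity": vuln["severity"],
                         "package": vuln["package"]["name"], "ecosystem": vuln["package"]["ecosystem"],
                         "cves": [i["value"] for i in vuln["advisory"]["identifiers"] if i["type"] == "CVE"]})
    return rows

def prioritize(rows, kev):
    """Mark KEV hits, then order: KEV first, then severity, then repo name."""
    for r in rows:
        r["in_kev"] = any(c in kev for c in r["cves"])
    return sorted(rows, key=lambda r: (not r["in_kev"], SEVERITY_RANK.get(r["severity"], 9), r["repo"]))

def summarize(rows):
    """Org-wide view: KEV hit count and how many repos each vulnerable package appears in."""
    repos_per_package = {}
    for r in rows:
        repos_per_package.setdefault(r["package"], set()).add(r["repo"])
    return {"kev_hits": sum(r["in_kev"] for r in rows),
            "repos_per_package": {p: len(s) for p, s in repos_per_package.items()}}
```

With a live deployment the two sample dicts would be replaced by the paginated GraphQL query result and the downloaded KEV feed; the ordering and summary logic stays the same.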

dependalyzer-poc