Stop hunting for CVEs. Start getting notified.
I'm building an API-first solution to monitor authoritative CVE sources and deliver instant notifications. Help shape this product by joining the waitlist.
The Vision
Built by Someone Who's Been There
30+ years of hands-on security experience
Hi, I'm Pavels Gurskis,
The Founder behind CVEHook
My journey in IT security began in 1994 when I experienced my first (and last) server compromise. That incident sparked a 30-year career dedicated to keeping systems secure.
Over the past 15 years, I've held security leadership roles managing vulnerability programs, perimeter defense, VPNs, encryption, and compliance frameworks including PCI DSS and ISO27001. I've seen firsthand how manual vulnerability tracking fails organizations when it matters most.
Today I run IThesion agency, consulting customers on IT Infrastructure and Security. As a consultant, I experience first-hand the lack of robust tools for building effective DevSecOps pipelines— hence my motivation to build CVEHook.
The problem I want to solve
Security teams waste too much time on manual vulnerability research.
Manual Research is Time-Consuming
Teams manually check multiple sources like NVD, CISA, and vendor advisories. This reactive approach wastes valuable time that could be spent on remediation.
Critical Vulnerabilities Get Missed
Without real-time monitoring, high-severity CVEs can go unnoticed for hours or days, leaving systems vulnerable to active exploitation.
Too Much Noise, Too Little Signal
Generic vulnerability feeds overwhelm teams with irrelevant information. What you need is targeted alerts for your specific technology stack.
Disconnected Workflows
Vulnerability data lives in silos, disconnected from ticketing systems, CI/CD pipelines, and other security tools where action needs to happen.
The solution I want to build
Here's what I'm envisioning for CVEHook
Continuously monitor authoritative sources like NVD, CISA KEV catalog, and vendor advisories. Get notified within minutes of publication.
Subscribe to specific packages, products, or versions. Get only the alerts that matter to your technology stack.
curl -X POST https://api.cvehook.com/v1/subscriptions \
-H "Authorization: Bearer <API_KEY>" \
-H "Content-Type: application/json" \
-d '{
"name": "Web App Dependencies",
"packages": ["express", "react"],
"min_severity": "HIGH"
}'Built for automation. Integrate with your existing tools via webhooks, REST API, or direct database connections.
Development Roadmap
Here's my planned approach to building CVEHook
Market Validation
Current PhaseGather feedback, validate the concept, and offer founder pre-orders to early supporters who want to lock in 50% off regular pricing.
MVP Development
NextBuild core CVE monitoring, basic API, and email notifications. Focus on reliability and accuracy.
Beta Launch
FutureLaunch with early users, gather feedback, and iterate based on real-world usage.
Full Launch
FutureComplete feature set with webhooks, advanced filtering, team collaboration, and enterprise features.
Pricing
Transparent pricing that will scale with you when the product launches
Become a founding customer and secure special discount
Lock in 50% off regular pricing for your entire commitment period. Help shape the product roadmap and get priority access when we launch.
Founding customer pricing available for the first 100 pre-orders only.
This funding required to build first product release.
93 pre-order remaining at this price.
Perfect for individual developers and small projects
For growing teams that need collaboration
Enterprise Solutions
For organizations with custom needs, dedicated support, and strict compliance.
Tailored solutions for enterprise requirements