George Ontiveros

Ship compliance, not spreadsheets.

About

Veteran. Solo founder. 10+ years in application security, DevSecOps, and federal compliance. Graduated Magna Cum Laude. Built CVERiskPilot to help security teams make faster CVE triage decisions — analyze, prioritize, and track vulnerabilities from discovery to remediation with AI. Along the way, I discovered nobody was mapping findings to compliance controls automatically. So I built that too. One command. Six frameworks. Built in San Antonio, TX.

Links

Twitter

Badges

Tastemaker

Gone streaking

Gone streaking 5

Maker History

CVERiskPilotCVE triage on autopilot. Compliance included
Mar 2026

🎉

Joined Product HuntMarch 29th, 2026

Forums

•

1mo ago

CVERiskPilot - CVE triage on autopilot. Compliance included

CVERiskPilot scans your code for vulnerable dependencies, secrets, and IaC misconfigs — then maps every finding to NIST 800-53, SOC 2, CMMC, FedRAMP, ASVS, and SSDF automatically. More than a scanner. The CVE triage dashboard lets your team analyze, prioritize, and track every vulnerability from discovery to remediation — AI classifies true positives, false positives, and needs-review. One command. Six frameworks. 135 controls. Zero config. Free CLI. No credit card. Veteran Owned.