Inspiration

Cyber attacks are growing rapidly, but many startups and SMEs lack the expertise to understand their real security risks. I was inspired to build a system that translates complex vulnerability data into simple, actionable risk insights. My goal was to create a platform where even non-experts can evaluate cyber risk and make better security decisions.

What it does

RiskPilot AI is a Cyber Risk Intelligence Platform that analyzes real-world vulnerability data and generates a risk score for a given software or system. It combines live CVE data, OWASP risk mapping, and human analyst validation to produce meaningful security insights. Instead of just listing vulnerabilities, it prioritizes risk and explains impact.

How we built it

I built the platform using Python and Streamlit for the interface. It integrates the NVD (National Vulnerability Database) API to fetch live CVE data. The system extracts CVSS scores, calculates average risk levels, and maps results to OWASP Top 10 categories. A human-in-the-loop confidence slider allows analyst validation, ensuring AI does not operate blindly.

Challenges we ran into

Working with real-time vulnerability data was challenging because CVE formats and metrics vary. Handling missing CVSS values and structuring reliable risk scoring required careful logic. Integrating APIs and managing response data consistency was also a learning experience.
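One way to handle the varying metric formats and missing CVSS values described above, shown as an added example rather than RiskPilot AI's own code. It assumes the NVD CVE API 2.0 response layout; the sample records, placeholder CVE IDs and the partial CWE-to-OWASP lookup are constructed for illustration.

```python
import json
from collections import Counter

# Constructed sample shaped like an NVD CVE API 2.0 response; IDs and scores are placeholders.
SAMPLE = json.loads("""
{"vulnerabilities": [
 {"cve": {"id": "CVE-0000-0001", "metrics": {"cvssMetricV31": [
    {"type": "Secondary", "cvssData": {"baseScore": 7.5}},
    {"type": "Primary", "cvssData": {"baseScore": 9.8}}]},
   "weaknesses": [{"description": [{"lang": "en", "value": "CWE-89"}]}]}},
 {"cve": {"id": "CVE-0000-0002", "metrics": {"cvssMetricV2": [
    {"type": "Primary", "cvssData": {"baseScore": 5.0}}]},
   "weaknesses": [{"description": [{"lang": "en", "value": "CWE-287"}]}]}},
 {"cve": {"id": "CVE-0000-0003", "metrics": {}, "weaknesses": []}}
]}""")

# Newest CVSS version first; older records may carry only a v2 metric.
METRIC_KEYS = ("cvssMetricV40", "cvssMetricV31", "cvssMetricV30", "cvssMetricV2")
# Assumed, partial CWE -> OWASP Top 10 (2021) lookup, for illustration only.
CWE_TO_OWASP = {"CWE-89": "A03:2021 Injection",
                "CWE-287": "A07:2021 Identification and Authentication Failures"}

def base_score(cve):
    """Return the base score from the newest CVSS version present, or None."""
    metrics = cve.get("metrics") or {}
    for key in METRIC_KEYS:
        # Within one version, try the entry marked "Primary" before any others.
        entries = sorted(metrics.get(key) or [], key=lambda e: e.get("type") != "Primary")
        for entry in entries:
            score = (entry.get("cvssData") or {}).get("baseScore")
            if isinstance(score, (int, float)):
                return float(score)
    return None

def summarize(response):
    """Average only the scored CVEs; list unscored ones instead of counting them as 0."""
    scores, unscored, owasp = [], [], Counter()
    for item in response.get("vulnerabilities", []):
        cve = item.get("cve", {})
        score = base_score(cve)
        if score is None:
            unscored.append(cve.get("id"))
        else:
            scores.append(score)
        for weakness in cve.get("weaknesses", []):
            for desc in weakness.get("description", []):
                owasp[CWE_TO_OWASP.get(desc.get("value"), "Unmapped")] += 1
    average = round(sum(scores) / len(scores), 2) if scores else None
    return {"average": average, "unscored": unscored, "owasp": dict(owasp)}
```

Treating an unscored CVE as 0 would pull the average down and understate risk, so the summary reports those IDs separately for analyst review. The average also mixes CVSS v2 and v3 base scores, which are not directly comparable; a stricter version would report them per version.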

Accomplishments that we're proud of

We are proud that we built a real, working cyber risk intelligence platform that uses live vulnerability data instead of static or dummy data. Integrating real CVE feeds and converting them into a meaningful risk score was a major achievement.

We are also proud of adding a human-in-the-loop validation step, which ensures that the system supports analysts instead of blindly replacing them. This makes the platform more practical and trustworthy for real-world use.

Another accomplishment is translating complex cybersecurity concepts like CVSS scores and OWASP categories into simple, understandable insights for users. The project bridges the gap between raw security data and decision-making.

Finally, we’re proud that this project demonstrates how AI can be responsibly used in cybersecurity — as an assistant to humans, not a replacement.

What we learned

I learned how real-world cybersecurity data works, how risk scoring systems are designed, and how AI can support — but not replace — human analysts. I also gained experience in API integration, data handling, and building practical security tools.

What's next for RiskPilot AI

Future improvements include automated threat intelligence feeds, historical risk tracking, and enterprise dashboards. I also plan to add AI-driven remediation suggestions and attack-path simulation.

Built With

  • git
  • github
  • google-gemini-api-(llm)
  • json-parsing
  • nvd-cve-api-(real-time-vulnerability-data)
  • prompt
  • python
  • rest-apis
  • streamlit