Prioritize dependency risk with an open, reproducible snapshot.

Risk Navigator turns vulnerability intelligence and dependency inventory into an interactive decision surface for remediation planning, backpatch candidates, amplifier upgrades, and OpenRewrite-ready upgrade bundles.

Vulnerability signals
Dependency inventory
Risk Navigator dataset
Prioritized fixes
OpenRewrite cart
Inside the tool

From exposure signal to remediation plan.

The hosted demo uses the OSERA sample dataset, so the same views can be explored directly from GitHub Pages.

Risk Navigator dashboard showing the FINOS Deep SBOM Demo opportunity landscape

Assess the estate landscape

Start from the dashboard to compare projects, distinct CVEs, namespace spread, CVSS distribution, direct/transitive exposure, and policy thresholds in one place.

Risk Navigator backpatch priority calculator view

Find OSERA patch candidates

Use the backpatch priority calculator to separate routine upgrades from cases where fork, backpatch, or amplifier work can reduce migration risk.

Risk Navigator OpenRewrite cart panel

Generate remediation bundles

Add Maven dependencies to the OpenRewrite cart, tune target versions, and generate YAML or impact prompts for repeatable remediation planning.

What it helps answer

Where is the exposure?

Slice vulnerable libraries by CVSS, EPSS, KEV, namespace, project reference, and project group.

What moves first?

Rank patch, minor, major, backpatch, framework, and amplifier remediation options by impact and effort.

Where is OSERA needed?

Surface cases where downstream patch ownership or backpatch work can defer risky migrations.