Security Engineer · Founder · Builder

George
Ontiveros.

Cybersecurity professional, SOC analyst, and founder of CVERiskPilot — an AI-powered vulnerability triage platform built for defenders. Turning threat data into decisive action.

⚡ CVERiskPilot Beta Get in touch →
847+
CVEs Triaged
Sec+
CompTIA Certified
HTB
Hack The Box
SOC
Analyst
About
Defender.
Developer.
Founder.

I'm a cybersecurity professional based in San Antonio, TX, with a background spanning SOC operations, vulnerability management, and offensive security research. I've spent years hunting threats, triaging CVEs, and sharpening skills on Hack The Box and TryHackMe.

When I wasn't defending networks, I was building — full-stack React apps, Firebase projects, and ultimately CVERiskPilot, a SaaS product that automates the vulnerability triage workflow using agentic AI.

I believe the best security tooling is built by people who've actually lived the pain of alert fatigue and CVE noise. That belief is the foundation of everything I ship.

Credentials
🛡
CompTIA Security+
CompTIA · Active
⚔️
Hack The Box — Machines Owned
Offensive Security Practice
🎯
TryHackMe — Threat Intel Rooms
Blue Team · Cyber Threat Intelligence
🔬
ELK Stack Home Lab
SIEM · Log Analysis · Detection
⚛️
React / Firebase Developer
Full-Stack Web Applications
Featured Product
Live Beta · Free Access

CVERiskPilot

AI-powered CVE triage SaaS that transforms raw vulnerability scan outputs into prioritized risk decisions, business impact statements, and ticket-ready action plans — in under 3 minutes.

  • Ingests Nessus, Qualys, Rapid7, Trivy, Grype, Snyk, and more
  • Claude AI correlates findings with KEV, CVSS, and asset context
  • Auto-generates exec-ready business impact statements
  • One-click Jira / ServiceNow ticket output — zero reformatting
  • Real-time exploit intelligence surfaces active APT targets
Claude AI NVD API KEV Intelligence Multi-scanner Jira / ServiceNow Beta Live
Start Free Beta View Demo
cveriskpilot — beta workspace
upload scan_results.json --context "prod k8s"
Ingesting 847 findings from 12 scanners...
Running AI risk correlation engine...
CRITICAL CVE-2024-3400 · PAN-OS RCE · CVSS 10.0 ⚡ KEV
Impact: Perimeter firewall exposed — APT active
Action: Apply PAN-OS hotfix · ETA 2h
Ticket #INC-0042 created in Jira
CRITICAL CVE-2024-21762 · Fortinet SSL-VPN ⚡ KEV
Impact: Remote code execution via auth bypass
Ticket #INC-0043 created in Jira
847 findings 9 critical decisions ready
$
Technical Stack
Skills & Tools
🔵 Blue Team / SOC
SIEM ELK Stack Splunk Log Analysis Incident Response Alert Triage Threat Intelligence
⚔️ Offensive Security
Hack The Box TryHackMe Kali Linux Network Scanning FTP Exploits Privilege Escalation
🔐 Vulnerability Management
CVE Triage NVD API KEV Nessus Qualys Rapid7 Trivy CVSS
⚛️ Development
React JavaScript Firebase HTML/CSS REST APIs Git / GitHub Node.js
🤖 AI / Automation
Claude AI (Anthropic) Agentic Workflows Prompt Engineering AI Triage Pipelines LLM Integration
🖥️ Infrastructure
Linux Kubernetes Docker Network Security Firewall Config Home Lab
Background
Experience
2024 — Present
Founder & CEO
CVERiskPilot · cveriskpilot.com
  • Built and launched an AI-powered CVE triage SaaS from zero to live beta
  • Designed agentic AI pipeline using Claude to auto-generate risk decisions from raw scan data
  • Integrated NVD API, CISA KEV, and multi-scanner support (Nessus, Qualys, Trivy, Rapid7)
  • Shipped Jira / ServiceNow ticket generation — reducing triage time from hours to minutes
  • Sole engineer and product owner; running focused beta with security teams
Prior
SOC Analyst
Security Operations
  • Monitored SIEM dashboards and triaged security alerts in real-time
  • Investigated threat intelligence reports and mapped to IOCs
  • Maintained ELK Stack home lab for ongoing detection engineering
  • Earned and maintained CompTIA Security+ certification
Ongoing
React / Full-Stack Developer
Independent Projects
  • Built React applications with Firebase backend — hosted and deployed
  • Developed blog-style app with fetch/POST/DELETE via REST API
  • Shipped security-focused tooling including the CVERiskPilot frontend
Offensive Practice
Hacking & CTF

Hack The Box

Actively rooting machines on HackTheBox — from beginner to intermediate Linux/Windows targets. Owned Fawn (FTP) and continuing to progress through the platform's machine catalog.

Linux Windows FTP Enumeration Fawn ✓

TryHackMe

Completed rooms across defensive and offensive tracks — including a Cyber Threat Intelligence room focused on identifying threat actors from incident reports.

Threat Intel SOC Analyst Path CTI Room ✓ Offensive
Contact
Let's Work Together

Open to consulting, collaborations, and beta partnerships for CVERiskPilot. Reach out through any of the channels below.

⚡ CVERiskPilot.com 🔗 LinkedIn ✉️ admin@cveriskpilot.com 🌐 georgeonti.com