Cybersecurity monitoring that alerts you only about your stack.

TechWatchAlert is the French platform for real-time CVE monitoring and software end-of-life (EOL) tracking. Automatic prioritization via CVSS v4, EPSS and CISA KEV. Slack, Teams, email, webhook and REST API integrations. Hosted in France.

Alerting < 30s 360 000 indexed CVEs Made in France 🇫🇷
Critical CVE-2026-1847 · OpenSSL 3.2 — RCE High CVE-2026-1832 · nginx 1.25 — XSS Critical CVE-2026-1801 · Fortinet FortiOS — bypass auth Medium CVE-2026-1774 · PostgreSQL 16 High CVE-2026-1758 · VMware ESXi EOL · CentOS 7 — ends in 94d EOL · PHP 8.1 — ends in 62d Critical CVE-2026-1712 · Microsoft Exchange Critical CVE-2026-1847 · OpenSSL 3.2 — RCE High CVE-2026-1832 · nginx 1.25 — XSS Critical CVE-2026-1801 · Fortinet FortiOS — bypass auth Medium CVE-2026-1774 · PostgreSQL 16 High CVE-2026-1758 · VMware ESXi EOL · CentOS 7 — ends in 94d EOL · PHP 8.1 — ends in 62d Critical CVE-2026-1712 · Microsoft Exchange
Integrations
Slack Microsoft Teams Discord Email In-app notifications HTTP Webhooks REST API
Platform

CVE alerts, EOL tracking, cyber monitoring. One unified platform.

Replace the dozens of RSS feeds, CERT-FR newsletters and CVE dashboards you check every morning. A single source of truth for your infrastructure's security.

01 · Detection Scanning

Every CVE matched to your stack, in seconds.

No noise. Our CPE engine compares your technologies and their versions against 360,000 indexed CVEs, and surfaces only what truly concerns you.

7
critical CVEs affecting your stack of 1,842 published in the last 30 days · signal ratio 0.38%
Your stack · 51 components
php 8.1.28
nginx 1.24.0
postgresql 16.2
ubuntu 22.04
node 20.10
redis 7.2.3
elasticsearch 8.11
docker 24.0.7
kubernetes 1.28.4
openssl 3.2.1
mysql 8.0.35
apache 2.4.58
+ 39 more
7 critical matches
9.8 CVE-2026-1847 KEV
OpenSSL — RCE via cert parsing
Public exploit · patch available
9.1 CVE-2026-1801 KEV
Apache 2.4 — SSRF in mod_proxy
Actively exploited · patch available
8.1 CVE-2026-1798
PostgreSQL 16 — privilege escalation
EPSS 0.82 · patch available
7.8 CVE-2026-1712
nginx 1.24 — HTTP/3 buffer overflow
Mitigation: disable HTTP/3
7.5 CVE-2026-1689
Node.js 20 — prototype pollution
EPSS 0.44 · patch available
02 · Anticipation endoflife.date

Zero surprises on end-of-support.

Alerts at D-90, D-30, D-7 — for every component of your stack.

62
days
PHP 8.1
End of security support
Dec 31, 2026
J-94CentOS 7Server OS
J-218Ubuntu 20.04Standard LTS
J-412Node 18 LTSRuntime
J-548MySQL 5.7Database
03 · Summary Every morning at 8:00

A daily brief, not an RSS flood.

The 12 best cyber sources, summarized and filtered to your stack.

Patchwork Digest
Your brief for Tuesday, April 14
3 critical CVEs on your stack
PHP 8.1 — EOL in 62 days
CERT-FR reports 2 active campaigns
Fortinet publishes 3 major advisories
5 minor patches available
2 min read View full brief →
A day in the life of a CVE

Detection, prioritization, notification: under 30 seconds.

Every vulnerability follows an automated path — detection on CVEList v5, CVSS/EPSS/KEV enrichment, matching against your inventory, multi-channel notification.

1
T+0

CVE publication

Detected on CVEList v5, CISA KEV, or enriched via EPSS first.org.

2
T+15s

Stack matching

CPE vendor/product/version cross-matching against your watchlist and min-severity filter.

3
T+20s

Prioritization

CVSS v4, EPSS percentile, KEV flag, PoC availability — automatic scoring.

4
T+30s

Multi-channel notification

Slack, Teams, email, webhook. Workflow: PENDING → ANALYZING → FIXING → RESOLVED.

Workflows

Your alerts become workflows. Visual, composable, no code.

Pick a trigger, add your conditions, wire up your actions. From detected CVE to notified team — automatically, without writing a line of code.

Visual editor

From trigger to action, in a few clicks.

Build your automations on a canvas: each workflow starts from an event, filters by conditions, then runs actions on your channels.

  • CVE, EOL & certificate triggers new CVE, update, PoC, KEV, end of support…
  • Composable conditions severity, CVSS, EPSS, KEV, product, vendor
  • Multi-channel actions Slack, Teams, email, webhook, case
  • Dry run simulate on a real CVE before activating
Workflow · Critical alertsRunning
New CVE on your stacktrigger.cve_new_match Trigger
CVSS score ≥ 9.0condition.cvss Condition
Listed in the KEV catalogcondition.is_kev Condition
Notify Slack / Teamsaction.fire_webhooks Action
Create a caseaction.create_case Action
VigieAI assistant · CVE monitoring Online
Vigie, does CVE-2026-1847 affect me?
Yes — and it's a priority:
9.8 CVE-2026-1847 KEV
OpenSSL 3.2.1 · detected on your stack
CVSS 9.8EPSS 0.97ExploitedPublic PoC
Patch: upgrade to 3.2.2
Alert me on Slack for any critical CVE.
Done. Here's the workflow I suggest:
New CVE CVSS ≥ 9 Notify Slack
Workflow ready Approve
Summarize my critical alerts Which CVEs affect my stack? Explain EPSS
Vigie AI

Vigie answers, explains and takes action. Your cybersecurity copilot.

Ask in plain language. Vigie knows your estate, prioritizes by KEV and EPSS, and can even build your workflows — you always stay in control.

Understands your vulnerabilitiesExplains every CVE — CVSS, EPSS, KEV, PoC — and what to fix first.
Knows your contextReads your stack, your alerts, your EOL deadlines and the feeds from the sources you follow.
Builds your workflowsDescribe the automation in plain language: Vigie composes it, you approve in one click.
Prioritizes and recommendsFrom noise to signal: Vigie surfaces the real risk and the next steps.

Built and hosted in France

API v1 · PRO plan

CVE REST API: bring monitoring into your CI/CD.

20 documented REST endpoints to automate your vulnerability management: fetch alerts, query your watchlist, block a deployment on a critical CVE. Bearer auth, smart rate limiting, Starlight documentation with curl, Python, JavaScript and GitHub Actions examples.

Integrate TechWatchAlert into your pipeline.

Fetch your alerts, query the CVE database, read your watchlist, cases and statistics. Your entire monitoring is available read-only via the API (GET), to block a deployment on a critical CVE.

  • Bearer auth revocable keys, format twa_...
  • Read-only (GET) Public read API, per-plan quotas
  • Starlight docs curl, Python, JS, GitHub Actions examples
  • Outbound webhooks HMAC signatures, exponential retries
cURL Python JavaScript GitHub Actions Copy
# Fetch a project's critical alerts
curl "https://app.techwatchalert.com/api/v1/organizations/org_x7y8/projects/prj_a1b2/alerts?severity=critical&status=pending" \
  -H "Authorization: Bearer twa_xK9...f2q" \
  -H "Accept: application/json"

# Response
{
  "items": [{
    "cve_id": "CVE-2026-1847",
    "severity": "CRITICAL",
    "cvss_score": 9.8,
    "epss_percentile": 0.97,
    "is_kev": true,
    "has_poc": true,
    "status": "PENDING"
  }],
  "total": 3, "page": 1
}
import httpx

client = httpx.Client(
    base_url="https://app.techwatchalert.com/api/v1",
    headers={"Authorization": f"Bearer {API_KEY}"}
)

# List a project's monitored stack
r = client.get(
    f"/organizations/{org_id}/projects/{project_id}/stack"
)

for tech in r.json()["items"]:
    print(f"{tech['vendor']}/{tech['product']}")
// Search CVEs by vendor + severity
const res = await fetch(
  'https://app.techwatchalert.com/api/v1/cves?' +
  new URLSearchParams({
    vendor: 'nginx',
    severity: 'critical,high',
    is_kev: true
  }),
  {
    headers: {
      'Authorization': `Bearer ${apiKey}`
    }
  }
);

const { items, total } = await res.json();
console.log(`${total} active vulnerabilities on nginx`);
# .github/workflows/security-gate.yml
name: Security Gate

on: [push, pull_request]

jobs:
  check-cves:
    runs-on: ubuntu-latest
    steps:
      - name: Block on critical CVEs
        run: |
          COUNT=$(curl -s \
            -H "Authorization: Bearer ${{ secrets.TWA_KEY }}" \
            "$TWA_URL/organizations/$ORG/projects/$PRJ/alerts?severity=critical&status=pending" \
            | jq '.total')
          if [ "$COUNT" -gt "0" ]; then
            echo "❌ $COUNT unresolved critical CVE(s)"
            exit 1
          fi
0K
indexed CVEs
<30s
Average notification time
0+
Sources aggregated continuously
0%
Hosted in France
Pricing

Cybersecurity monitoring pricing: simple, transparent, no surprises.

A plan for every team: free to get started, Plus for small teams, Pro to automate via API, Enterprise for SSO and compliance needs. No artificial cap on the number of CVEs monitored. Monthly or annual billing with 17% off.

Basic
0€ forever

To explore the platform and secure a personal project.

Start for free
  • 1 project
  • 10 items in the watchlist
  • 5 EOL subscriptions
  • Email notifications
  • News feed (6 sources)
  • Customizable dashboard
Plus
19€ / month

For small teams that need to organize monitoring together.

Start trial →
  • Everything in Basic, plus:
  • 5 projects · 5 members
  • Organizations and groups
  • Case management workflow PENDING→RESOLVED
  • PDF reports history 24 months
  • 3 webhooks outbound
  • Slack, Teams, email
Enterprise
199€ / month

For organizations with SSO, audit and compliance requirements.

Contact sales
  • Everything in Pro, plus:
  • SSO SAML / OIDC
  • Audit logs & compliance
  • Dedicated support & SLA
  • Tailored onboarding
  • DPA & France hosting

No commitment — change plan anytime.

Security & sovereignty

French cybersecurity, built for demanding CIOs.

Hosting in France, AES-256 encryption, mandatory TOTP 2FA and full audit logs. Because protecting your stack starts with protecting our data.

Mandatory TOTP 2FA

Google Authenticator, Authy, 1Password — RFC 6238 compatible.

AES-256 encryption

At rest and TLS 1.3 in transit. Short-lived JWT + refresh token in Redis.

France hosting 🇫🇷

Paris-region datacenters. No transfer outside the EU.

Full audit logs

Every action traced: actor, entity, JSON changes, timestamp.

Native rate limiting

10 attempts / 60s per IP. Automatic alerts if brute-force is detected.

Isolated network

Data services on a private network. Only the frontend and API are exposed over HTTPS.

DPA available

Data Processing Agreement signable on request. Full export in 1 click.

99.9% uptime SLA

Multi-probe monitoring, public status page, post-mortem reports.

Sign-ups open

Try TechWatchAlert. Free.

All features, no credit card.

✓ No credit card · ✓ Set up in 2 min
FAQ

The questions that keep coming up.

What is TechWatchAlert?
TechWatchAlert is a French cybersecurity monitoring SaaS. It continuously watches new CVEs and software end-of-life (EOL) dates, cross-matches them with your declared technical stack (CPE matching), then alerts you on the channels of your choice: email, Slack, Microsoft Teams or webhooks. Prioritization relies on CVSS v4, EPSS and CISA's KEV catalog. Hosted in France.
How does TechWatchAlert know which alerts to send me?
You declare your technical stack (OS, frameworks, libraries, appliances) via an importable or manual inventory. Our engines cross-match it with CVE feeds, EOL databases and monitoring sources to surface only what concerns you.
Which sources feed the CVE database?
NVD, MITRE, CERT-FR, CISA KEV, vendor feeds (Microsoft, Red Hat, Debian, Ubuntu) and selected community sources. The data is enriched with CVSS v4, EPSS and our team's analysis.
Is my inventory data confidential?
Yes. Hosting in France (Paris region), AES-256 encryption at rest, TLS 1.3 in transit. No data is ever sold. DPA available on request.
Where is TechWatchAlert hosted?
Entirely in France. The application, the CVE database and all customer data are hosted in datacenters located in the Paris region. No data ever leaves French soil.
Which notification channels are supported?
Slack, Microsoft Teams, Discord, email, in-app notifications and HMAC-signed HTTP webhooks. A full REST API also lets you integrate your own tools. Different channels depending on the severity level.
Can I try it without a credit card?
Yes. Sign-up is free and requires no payment method. A simple work email is enough.
What's included in the PRO plan's API?
20 REST endpoints covering CVEs, alerts, watchlist, EOL, projects, organizations. Bearer auth with revocable keys, per-plan rate limiting, full docs with curl/Python/JS/GitHub Actions examples. HMAC-signed outbound webhooks with exponential retry.
How does the alert handling workflow work?
Each alert follows the cycle PENDING → ANALYZING → FIXING → RESOLVED (or ACCEPTED / NOT_APPLICABLE). Assignable to a member, threaded comments, @user mentions, PDF export. Bulk actions to handle several alerts at once.
Can I change plan at any time?
Yes, upgrade or downgrade on the fly. Prorated billing via Paddle. Your data is never lost — only features are gated by plan.
Is there a French alternative for CVE monitoring?
Yes. TechWatchAlert is designed, built and hosted in France (Paris-region datacenters, DPA available). Unlike code scanners, it covers the whole stack — OS, appliances, frameworks, libraries — with CPE matching, end-of-life (EOL) tracking and a team alert-handling workflow.
Tweaks