BSides Joburg 2025

Duck Safari: Hunting CVEs in the Shadows with ShinyLive and DuckDB-WASM
2025-07-26, Track 2

In a world where proprietary pipelines and opaque risk scores drive threat feeds and dashboards, what does it mean to see the vulnerabilities for yourself?

This talk exposes how vulnerability data, while open in theory, is often filtered through black-box interfaces. In Duck Safari, we flip the script: using browser-native tools like ShinyLive, DuckDB-WASM, and duckplyr, we create a transparent, interactive CVE explorer that puts raw data and clear logic back in the hands of cybersecurity teams.

You'll walk away with a no-installation tool to explore vulnerabilities by vendor, severity, or time - rewriting your team's relationship with the shadowy systems that mediate risk and visibility.


🌘 Rewriting Reality in CVE Surveillance
Vulnerability data shapes security posture, yet the way we access it is often constrained by third-party dashboards and scoring systems - algorithmic black boxes that define what we see and prioritise.
In this session, we utilise ShinyLive and DuckDB-WASM to develop a browser-native CVE explorer that operates independently of algorithmic gatekeepers. Powered by open-source tools and client-side computing, this application empowers you to reclaim control: you can ask your own questions, sort your own risks, and view what the dashboards won't show.
This is visibility without vendor bias. Analysis without shadow logic.

🔍 Key Takeaways
🧠 Innovative Integration
Discover how ShinyLive and DuckDB-WASM combine to form a fully offline, install-free tool. duckplyr enables intuitive filtering of CVE data with readable logic—no SQL expertise required.
🔓 Breaking the Black Box
This talk embodies the conference theme by creating a transparent alternative to black-box dashboards. You control the filters, the scoring, the narrative.
🛠 Customisation Without Complexity
Tailor the tool to your environment by searching by vendor, CVSS score, date range, or keyword. Extend the app with tags, bookmarks, or internal playbooks—all in the browser.

🧰 What You'll See
* Where to get NVD CVE data
* How to query and clean it using DuckDB-WASM and duckplyr
* How to build a browser-native CVE explorer with ShinyLive
* Live filtering and visualisation by risk, vendor, or time
* Deployment on GitHub Pages or any internal static site
* Optional extensions: analyst notes, tagging, offline use

🎯 Who Should Attend
This talk is crafted for cybersecurity analysts and defenders who:
* Want more control over how vulnerability data is explored
* Are tired of platform lock-in and risk score obfuscation
* Need a lightweight, offline-friendly tool for CVE review
* Want to bring clarity and transparency to their threat analysis workflows
No R background is needed—just curiosity and a healthy scepticism of shadow systems.

🎁 You'll Walk Away With
* A working browser-native CVE Explorer app
* All source code on GitHub (forkable and extensible)
* A quick-start guide for deploying and customising it
* A new lens on how vulnerability data can be controlled, explored, and reclaimed

Luis de Sousa is a seasoned data and analytics consultant based in Johannesburg, South Africa, with a passion for enabling organisations through data-driven technologies. With over 17 years of consulting experience, he specialises in designing and implementing customised data solutions, both on-premises and in the cloud.

Throughout his career, Luis has delivered impactful results across a diverse range of industries, including Financial Services, Insurance, Manufacturing, Education, and Media. His areas of expertise span data warehousing, data integration, business intelligence, generative AI, and advanced analytics.

In addition to his professional work, Luis is an active leader in the local data community. He organises the Johannesburg R User Group and PyData Johannesburg, creating platforms for knowledge-sharing and collaboration among data professionals. Through these initiatives, he continues to contribute to the growth and vibrancy of the data science ecosystem in South Africa.