PocketVM
Manage vulnerabilities from your pocket.
Privacy-first. Keychain-secured.
PocketVM gives security engineers and vulnerability analysts a single mobile app to manage Tenable.io, Qualys VMDR, and Rapid7 InsightVM. Monitor dashboards, triage findings, launch scans, accept risk, and create remediation tickets — all from your pocket. Your credentials never leave your device.
Three vulnerability platforms. One interface.
Connect your existing platform accounts in seconds. PocketVM communicates directly with each vendor’s API — your data never touches our servers.
Tenable.io
Dashboards, scan lifecycle, findings triage, asset visibility, risk acceptance
Qualys VMDR
Scan management, KnowledgeBase enrichment, host detections, accept risk
Rapid7 InsightVM
Asset groups, vulnerability results, scan workflows, remediation projects
Scans, findings, risk acceptance, and tickets from your phone
Dashboard
Severity breakdowns at a glance. Critical, high, medium, and low findings with real-time counts from your platform.
Scan Management
Launch, pause, resume, and stop scans on the go. View scan status, target lists, and completion details.
Findings Triage
Browse vulnerabilities enriched with CVE identifiers, solutions, and affected asset counts. Filter by severity and search.
Accept Risk
Accept or recast risk directly from the finding detail screen with comments and justification.
Ticketing
Create tickets in Jira, ServiceNow, or via email-to-case with pre-filled vulnerability context.
Asset Discovery
View hosts, IPs, and OS details. Drill into per-asset vulnerability lists to understand exposure.
Global Filters
Default severity, date range, and state filters applied consistently across dashboard and findings.
Multi-Platform
Switch between Tenable, Qualys, and Rapid7 using connection profiles. One app, multiple vulnerability platforms.
Your credentials never leave your device
PocketVM was built with a zero-trust architecture. We literally cannot see your data.
Keychain Storage
All API credentials stored in the iOS Keychain with hardware-backed encryption. Never transmitted to any server.
Direct API Calls
Your device talks directly to Tenable, Qualys, and Rapid7 APIs. WeaveHub never proxies, logs, or sees your traffic.
Biometric Lock
Optional Face ID or Touch ID lock keeps your vulnerability data secure even if someone picks up your phone.
Simple pricing. No surprises.
- All vulnerability platforms
- Unlimited connection profiles
- Full scan lifecycle management
- KB-enriched findings with CVEs
- Jira and ServiceNow ticketing
- Biometric app lock
- No ads, no tracking
PocketVM questions
Does PocketVM support Tenable, Qualys, and Rapid7?
Yes. PocketVM supports Tenable.io, Qualys VMDR, and Rapid7 InsightVM so security teams can switch between vulnerability management platforms from one mobile app.
Does PocketVM send vulnerability data through WeaveHub servers?
No. PocketVM connects directly from your device to Tenable, Qualys, and Rapid7 APIs using credentials stored locally on your device. WeaveHub does not proxy or store vulnerability data.
Can PocketVM create remediation tickets from mobile?
Yes. PocketVM can create Jira, ServiceNow, or email-to-case tickets with vulnerability context so remediation work can start from a mobile triage workflow.
Ready to manage vulnerabilities from anywhere?
PocketVM is available now on the App Store and Google Play.
