I had a blast working on the latest version of runZero (https://www.runzero.com/blog/runzero-3.8/).

Writing queries that attach vulnerabilities to assets feels like a strange mash-up of SIEM threat hunting, vulnerability scanning, and a shodan safari.