Now I am looking into security issue management / solutions - and I am not sure exactly where to turn, what software can accomplish my needs, or is closest to it.

Sadly, I cannot just run (credentialed) scans against product samples and see where a new light comes on in case of a new vuln.
Most solutions out there are geared towards company IT. My scenario is different.

Here is the rough rundown.
I work for a company that makes devices that generate sensitive, personal data.
We have some experience with (cyber)security; this is not a first step, but we are now trying to make it a more cohesive attempt.

Our devices span several operating systems: Android, Windows flavors, Linux flavors.
Clients are expecting us to react (patch, statement, ...) to CVEs and other ways vulnerabilities are made public.
We have bills of materials (BOMs) for software components used on our systems (SBOM) - I know the components I have to monitor, I know sources for CVEs and other notification channels.

What tool/solution allows me to open the tap on the security and vuln newsfeeds and configure it to my needs to prevent drowning?
I am looking for a (semi-)automated way to keep up to date on the security aspect of SW components I have to monitor.
To give an idea: It is not easy to manage 100 different software components and manually comb through published vulns.

I will gladly go into specific details as needed to move this thread along.