We have several clients with different internal patch policies (i.e. one might require critical server patches to be applied within 7 days, where another one will accept 21 days).

I'd love to be able to enter these tolerances into the portal on a per-client basis (with there being a default in place), so we can easily report on any vulnerabilities that are outside of those thresholds. Then they can be manually addressed, risks accepted, etc.

Importantly, multiple clients are regulated in the banking space, and they are being told that this level of reporting is required.