Known Exploited Vulnerabilities (KEVs) are security flaws that have been actively used in cyberattacks. Unlike theoretical vulnerabilities, KEVs have been confirmed as exploited in real-world incidents, making them a high-priority concern for organizations and individuals alike.
Why Are KEVs Significant?
Known Exploited Vulnerabilities (KEVs) are security flaws actively targeted by cybercriminals. They pose immediate threats, enabling attackers to infiltrate systems, steal data, deploy ransomware, and disrupt operations. Security agencies like CISA maintain a KEV catalog to help organizations identify & mitigate these vulnerabilities promptly.
How to Use KEV Data for Prioritization
To effectively use Known Exploited Vulnerability (KEV) data for prioritization, focus on vulnerabilities that are actively being exploited, as they pose immediate threats. Additionally, consider high-risk vulnerabilities that, while not yet exploited, have the potential for exploitation due to their severity. By integrating KEV data into your vulnerability management process, you can ensure that both actively exploited and high-risk vulnerabilities are addressed promptly, thereby enhancing your organization's security posture.
How do I know if my domain has active KEVs?
Checking the Hosting Security section of your Perimeter Report will show you if any KEVs were found on your domain scan. If KEVs have been detected, you'll see this tagged in red text here.
If you have KEVs present on your report, you can use the toggle on the right side of the report to only show the active KEVs.
This will help you to separate the KEVs from the other Hosting Security vulnerabilities when prioritizing your remediation efforts.