#patch-prioritization

from SecurityWeek
7 hours ago

New Paper and Tool Help Security Teams Move Beyond Blind Reliance on CISA's KEV Catalog

The KEV list is useful but largely misunderstood. KEVology explains what it is, and how best to use it. CISA's KEV Catalog, more commonly known as the KEV list, emerged with the issue of BOD 22-01 in November 2021. This catalog, currently a list of just over 1,500 vulnerabilities known to have been exploited in the wild, suggests a high-value prioritization source for vulnerability remediation within industry.
Information security
from SecurityWeek
3 days ago

Questions Raised Over CISA's Silent Ransomware Updates in KEV Catalog

CISA quietly changes KEV entries to mark vulnerabilities as observed in ransomware, creating material shifts in organizational risk and patch prioritization without public alerts.