Halo Security is excited to introduce a powerful new feature to help you identify the vulnerabilities across your attack surface that are actively being exploited in the wild.
By integrating the Known Exploited Vulnerabilities (KEVs) catalog from the Cybersecurity and Infrastructure Security Agency (CISA) catalog, we've made it simpler to prioritize the most important vulnerabilities across your assets.
According to CISA, less than 4% of CVEs are actually exploited. This new feature gives you better visibility to those vulnerabilities, helping you easily distinguish between exploitable and actively exploited vulnerabilities to maximize your mitigation efforts.
The platform seamlessly provides this additional data via:
- A banner alert for any technologies that have known exploited vulnerabilities
- A new filter for your Issues list
- An active exploit indicator on your Issue detail pages
As attack surfaces grow, we know that prioritizing the issues that carry significant risk remains a top priority for security teams of all sizes. We hope this new feature helps you better manage remediation efforts and we look forward to your feedback.
When will this be available?
This feature is now available to all customers using our Server Scanning services at no additional cost.
What's the difference between CVEs and KEVs?
Common Vulnerability and Exposures (CVEs) represent a comprehensive list of known vulnerabilities, but even many CVEs with a ‘High’ or ‘Critical’ rating may require special conditions or permissions, and some have only been demonstrated in labs. In comparison, Known Exploited Vulnerabilities (KEVs) represent only the subset of CVEs that have been identified as being actively exploited by malicious actors.
What is CISA?
The Cybersecurity and Infrastructure Security Agency (CISA) is a federal agency within the United States Department of Homeland Security (DHS). CISA's mission is to protect the nation's critical infrastructure from physical and cyber threats. CISA accomplishes this by working with partners in the government, private sector, and international communities to identify and mitigate risks, share information, and provide technical assistance and guidance.
What is the KEV catalog?
The Known Exploited Vulnerabilities (KEV) catalog contains information about known vulnerabilities that are being actively exploited by malicious actors. The KEV catalog is intended to help organizations improve their cybersecurity posture by providing them with actionable intelligence about known exploits they can use to defend themselves against cyberthreats.