Home
Known Exploited Vulnerabilities Content Pack (Add-on)
The Known Exploited Vulnerabilities Content Pack utilizes a collection of BigFix Fixlets to identify the endpoints with vulnerabilities that are prone to exploits.
Known Exploited Vulnerabilities: Overview
The Known Exploited Vulnerabilities (KEV) Content Pack is a collection of BigFix Fixlets that are derived from extensive research of the Cybersecurity and Infrastructure Security Agency Known Exploited Vulnerabilities (CISA KEV) catalog, National Vulnerability Database (NVD), and vendor advisories. This KEV Content Pack provides BigFix operators with the ability to quickly identify endpoints with vulnerabilities that are vulnerable to exploit.

Known Exploited Vulnerabilities Content Pack (Add-on)
The Known Exploited Vulnerabilities Content Pack utilizes a collection of BigFix Fixlets to identify the endpoints with vulnerabilities that are prone to exploits.
- Known Exploited Vulnerabilities: Overview
  The Known Exploited Vulnerabilities (KEV) Content Pack is a collection of BigFix Fixlets that are derived from extensive research of the Cybersecurity and Infrastructure Security Agency Known Exploited Vulnerabilities (CISA KEV) catalog, National Vulnerability Database (NVD), and vendor advisories. This KEV Content Pack provides BigFix operators with the ability to quickly identify endpoints with vulnerabilities that are vulnerable to exploit.
- Enabling the BigFix KEV Content Pack Site
  This topic provides instructions on how to enable the Known Exploited Vulnerabilities (KEV) Content Pack.
- CVE probe management
  This topic provides instructions on how to enable the CVE Detection Probes for the target operating systems.
- Unsupported CVEs
  This topic provides details on Common Vulnerabilities and Exposures (CVEs) that are not supported with the Known Exploited Vulnerabilities Content Pack.

Known Exploited Vulnerabilities: Overview

The Known Exploited Vulnerabilities (KEV) Content Pack is a collection of BigFix Fixlets that are derived from extensive research of the Cybersecurity and Infrastructure Security Agency Known Exploited Vulnerabilities (CISA KEV) catalog, National Vulnerability Database (NVD), and vendor advisories. This KEV Content Pack provides BigFix operators with the ability to quickly identify endpoints with vulnerabilities that are vulnerable to exploit.

The CISA issued guidance in their Binding Operational Directive (BOD) 22-01, which directs government agencies to prioritize the identification and remediation of vulnerabilities that are known to have been exploited, rather than traditional guidance based upon a severity rating, like CVSS.

Each CVE is individually analyzed by a team of cyber-security professionals, who determine the impacted software, operating systems, devices and/or configurations, and the most accurate method of detecting the characteristics of the vulnerability on an endpoint.