Known Exploited Vulnerabilities: Overview

The Known Exploited Vulnerabilities (KEV) Content Pack is a collection of BigFix Fixlets that are derived from extensive research of the Cybersecurity and Infrastructure Security Agency Known Exploited Vulnerabilities (CISA KEV) catalog, National Vulnerability Database (NVD), and vendor advisories. This KEV Content Pack provides BigFix operators with the ability to quickly identify endpoints with vulnerabilities that are vulnerable to exploit.

The CISA issued guidance in their Binding Operational Directive (BOD) 22-01, which directs government agencies to prioritize the identification and remediation of vulnerabilities that are known to have been exploited, rather than traditional guidance based upon a severity rating, like CVSS.

Each CVE is individually analyzed by a team of cyber-security professionals, who determine the impacted software, operating systems, devices and/or configurations, and the most accurate method of detecting the characteristics of the vulnerability on an endpoint.