CISA provided a fitting update to the Known Exploitable Vulnerability (KEV) catalog in October to support Cybersecurity Awareness Month. This update should make a substantial difference in assisting organizations in preventing ransomware in organizations networks.
This update, identifying which of the 1020 Known Exploitable Vulnerabilities are used by Ransomware.
Why is this important? Let’s look at the numbers.
Of the 176,000 + Vulnerabilities, there are approximately 1020 being exploited by Threat Actors. Of these 1020 KEV’s, about 185 of these are exploited by ransomware.
So, theoretically, if you can address the 185 vulnerabilities exploited by ransomware, you have taken a big step in preventing exploitation.
This doesn’t mean only address the KEV’s and KEV’s that are known to be used in ransomware, this is a starting point in securing your environment.
Close the easy exploits and you have just made your environment safer and more secure to address larger security concerns.
If you need assistance in evaluating your Known Exploitable Vulnerabilities, reach out to your Sales Representative for on how CarbonHelix can assist with Tenable products.
(Numbers of KEV’s change frequently)