Halo Security recently implemented a new feature to reduce the noise and improve attack surface visibility, helping customers identify active threats in the wild — known exploited vulnerabilities (KEVs) from the Cybersecurity and Infrastructure Security Agency (CISA) catalog — and giving them better insight into their own risk.
The number of common vulnerabilities and exposures (CVEs) has grown each year since 2016, leaving security teams exceedingly burdened and constantly chasing vulnerabilities that may be considered low priority to them.
According to CISA, less than 4% of CVEs are actually exploited. This new feature, which is available to all Halo Security customers at no added cost, gives better visibility to that 4% attackers have actually weaponized in real-world attacks.
“The sheer volume of CVEs can be overwhelming and when organizations don’t know which vulnerabilities to prioritize, they end up on a wild goose chase,” said Nick Merritt, VP of Security and Products at Halo Security.
“Our new KEV feature helps security teams understand their full attack surface by alerting them to only the most relevant threats — saving time, reducing noise, and improving security posture,” Merritt continued.
With this new feature, a red banner will appear at the top of the Halo platform to alert users when KEVs have been identified and all found vulnerabilities can easily be filtered and sorted based on this data.
This helps security teams prioritize remediation and better understand their true attack surface.
The KEV feature seamlessly integrates with Halo Security’s other offerings, including asset discovery, risk and vulnerability assessment, application scanning, and penetration testing.