Don’t panic over CISA’s KEV list, use it smarter
In this Help Net Security video, Tod Beardsley, VP of Security Research at runZero, explains what CISA’s Known Exploited Vulnerabilities (KEV) Catalog is and how security teams should use it. He shares his perspective as a former section chief for KEV at CISA and breaks down common misunderstandings about what the list represents.
He points out that not every KEV item is equally urgent. Some vulnerabilities require local access or existing privileges, while others allow remote control. He encourages teams to combine KEV with other sources like CVSS, EPSS, and exploit tooling data to make better patching decisions.
Download: