Decoding CISA Known Exploited Vulnerabilities

Decoding CISA KEV - MITRE Analysis

Through Decoding CISA KEV reports, CSW experts take a step back to provide a holistic view of the KEV Catalog and its vulnerabilities to understand what types of vulnerabilities are being added to this list and to bring forward the threat context associated with each vulnerability.

In this edition, we mapped the entire CISA KEV catalog to MITRE’ ATT&CK tactics and techniques and have prioritized the vulnerabilities with a complete kill chain. In this report, we take a deep dive into what makes these vulnerabilities extremely dangerous and why attackers go after them.