Matching CISA's Known Exploited Vulnerabilities (KEV) CVE IDs with those in your infrastructure provides critical benefits by enabling targeted vulnerability management. The KEV catalog highlights vulnerabilities actively exploited in the wild, allowing organizations to prioritize remediation efforts on high-risk threats that could lead to real-world breaches. By focusing on vulnerabilities affecting critical or exposed systems, such as internet-facing services or systems handling sensitive data, organizations can allocate resources more effectively, reduce attack surfaces, and strengthen overall security posture. This risk-based approach ensures that mitigation efforts align with the actual threat landscape and operational context.
KEV is one of CISA's key cyber initiatives: https://www.cisa.gov/news-events/news/key-cyber-initiatives-cisa-kev-catalog-cpgs-and-prni
A way to implement the KEV catalog, would be to include a download link to the KEV .json file (which is publicly available), in the SecObs Security Settings page. Or a way to upload it manually.
A dedicated table with a set of columns for KEV specific data would make it possible to manipulate SecObs data.
Note: This can be done out of band today, but it would be nicer if it were baked in.
KEV Catalog: https://www.cisa.gov/known-exploited-vulnerabilities-catalog
