CISA KEV Vulnerability

Injection

You learn that you have an internet-facing machine with a vulnerability on the CISA Known Exploited Vulnerabilities (KEV) list.

Discussion Prompts

  1. How do you determine if this is a confirmed security incident or some kind of anomaly?
    • How do you identify what systems, data, people, and operational processes are potentially involved?
    • What real or potential risk(s) does your organization face?
  2. What short term containment options do you have?
    • Can you contain it without destroying evidence?
    • What is the operational impact of the incident and your containment strategy?

Check Your Work