The truth about KEV: CISA’s vuln deadlines good influence on private-sector patching
May 7, 2024 at 07:34AM CISA’s Known Exploited Vulnerabilities (KEV) catalog, aimed at federal agencies, is also positively impacting private organizations, reducing average remediation time to under 175 days, compared to 621 for unlisted vulnerabilities. While both sectors often miss CISA deadlines, private organizations face longer patch times, with technology firms the fastest at 93 … Read more