start portlet menu bar

HCLSoftware: Fueling the Digital+ Economy

Display portlet menu
end portlet menu bar
Select Page

In today’s evolving cybersecurity landscape, organizations face a constant barrage of threats, with vulnerabilities in endpoints serving as a common entry point for attackers. The Cybersecurity and Infrastructure Security Agency (CISA) has established the Known Exploited Vulnerabilities (KEV) catalog, a comprehensive list of vulnerabilities that have been actively exploited by cybercriminals. Remediating the CISA KEVs is a critical step towards enhancing security and minimizing the risk of cyberattacks.

The Significance of CIS KEV Remediation

CISA KEVs represent a subset of vulnerabilities that have been exploited in real-world attacks, making them particularly dangerous and time sensitive. By prioritizing the remediation of CISA KEVs, organizations can significantly reduce their exposure to these known threats and protect their valuable data assets.

CISA has emphasized the importance of promptly addressing CISA KEVs, issuing Binding Operational Directive (BOD) 22-01, which mandates federal agencies to remediate CIS KEVs within specified timeframes which are also published in the CISA KEV catalog at the time of publishing. This directive underscores the urgency of addressing these vulnerabilities, as they pose a significant risk to organizational security.

BigFix CISA Known Exploited Vulnerability Exposure Analyzer

BigFix CyberFOCUS Security Analytics is a new capability designed to help IT Operations team discover, prioritize, and patch critical vulnerabilities and reduce cybersecurity risk in real time. The CISA Known Exploited Vulnerability Exposure Analyzer is one of several tools delivered with BigFix CyberFOCUS Security Analytics. It enables IT Operations to identify the most urgent and significant security gaps while also ascertaining which assets have the highest exposure across multiple dimensions including time.

The BigFix Known Exploited Vulnerabilities Content Pack includes the CISA Known Exploited Vulnerability Exposure Analyzer to discover, prioritize and remediate CISA KEVs associated with workstations, servers and cloud endpoints. This content pack provides a comprehensive collection of BigFix Fixlets, which are automated scripts that remediate specific vulnerabilities and can automate visibility, analysis and control of the endpoints.

The BigFix Content Pack for CISA KEVs offers:

  • Broad Coverage: The content pack covers the widest range of CISA KEV catalog entries from any single solution, ensuring that organizations can discover virtually all endpoint-related vulnerabilities and remediate the vast majority of them on the relevant OS platforms that BigFix supports.
  • Automated Discovery and Remediation: BigFix Fixlets automate discovery and remediation. The BigFix Content Pack for CISA KEVs, process reducing the burden on IT staff to build and test remediation scripts to address CISA KEV vulnerabilities.
  • Tracking of Remediation Progress: IT organizations can track CISA KEV remediation progress across the enterprise using the award-winning CISA Known Exploited Vulnerability Exposure Analyzer, which is included as part of the CISA KEV Content entitlement without additional charge.

With the BigFix Content Pack for CISA KEV, you can remediate approximately 65% of the associated CISA KEVs, providing organizations with a powerful tool to address the known exploited threats. This percentage will increase quickly as we build out more remediation in the content package. For more detailed information about BigFix content provided to address CISA KEVs, visit the BigFix Wiki.

Take the next step

The importance of remediating CIS KEVs is crucial at strengthening endpoint security and protecting against cyberattacks. If you have BigFix today, you can sign up for a free 30-day trial of the BigFix Content Pack for CISA KEVs. Evaluate the value of this content pack in your environment.

For more information download the BigFix Content Pack for CISA KEVs datasheet.

Comment wrap
Automation | June 10, 2024
HCLSoftware named a Customers’ Choice in 2024 Gartner® Voice of the Customer for Unified Endpoint Management Tools
HCLSoftware named Customers Choice for Unified Endpoint Management Tools by Gartner Peer Insights. Learn more about our innovative endpoint management solutions.
Automation | May 6, 2024
Secure Compliance in Remote Work with HCL BigFix Workspace+
Explore how HCL BigFix Workspace+ ensures robust security and compliance in remote work environments. Discover the story of Joe and how real-time detection, automatic correction, and AI-driven security measures protect against threats and maintain compliance, regardless of location.
Automation | April 15, 2024
HCL BigFix is Now Verified for Oracle Database and Database Options
HCL BigFix achieves Oracle GLAS verification for Oracle Database, offering advanced SAM solutions for optimal software compliance and efficiency.