The CISA Known Exploited Vulnerabilities (KEV) catalog is a list maintained by the U.S. Cybersecurity and Infrastructure Security Agency of vulnerabilities that are confirmed to be actively exploited in the wild. Federal agencies are required to remediate KEV-listed vulnerabilities within specified timeframes, and the catalog serves as a prioritization guide for all organizations.
If a vulnerability is on the KEV list, it's not theoretical — attackers are actively using it right now. KEV-listed vulnerabilities should be your highest remediation priority regardless of CVSS score.
Redsight cross-references all findings against the CISA KEV catalog and flags any matches for immediate attention, ensuring actively-exploited vulnerabilities are never deprioritized.
Get started in minutes. No contracts, no commitments.
Start Scanning →