BlueRock EVC
  • Overview
  • EVC Portal Access
  • User Guide
  • CVE Lookups
  • EVC API
Powered by GitBook

© 2025 BlueRock Security Inc. All rights reserved.

On this page
  • CISA KEV (Current Mechanisms)
  • What Each Panel Means
  • Clickable Vendor Slices
  • Clickable, Explainable CVEs
  • CISA KEV (Future Mechanisms)
  • CISA KEV (Excluded CVEs)
  • All CVE Details

Was this helpful?

Export as PDF

User Guide

Curious about what each visual means in EVC? Read on to learn more.

PreviousEVC Portal AccessNextCVE Lookups

Last updated 27 days ago

Was this helpful?

CISA KEV (Current Mechanisms)

Not every CVE is the same. Some are more painful than most. In recent years, CISA keeps track of which CVEs that usually cause the most pain for US Government organizations within their Known Exploited Vulnerabilities (KEV) catalog. These are the subset of CVEs known to be actively exploited by threat actors across numerous real-world breaches.

Using BlueRock EVC AI, here is a snapshot of which CVEs in the CISA KEV that BlueRock helps neutralize:

As new CVEs are added to the CISA KEV, this view and all other views will be dynamically updated within 24 hours or less.

What Each Panel Means

  • Right Panel: Shows all of the CVEs in the CISA KEV by vendor. Includes all platform types and all vendors.

  • Middle Panel: Shows the subset of CVEs in the CISA KEV that pertain to Linux-based server or containerized workloads. This is the subset of CVEs relevant to BlueRock customers.

  • Left Panel: Shows the subset of CVEs in the CISA KEV that can be neutralized by BlueRock.

Clickable Vendor Slices

Each vendor slice of the donut chart is clickable, giving you specifics about which CVEs are covered by BlueRock (blue checkmarks), as shown in the image below:

Clickable, Explainable CVEs

For additional detail, click further on a given CVE to see a deeper CVE-specific view, explaining how a covered CVE is mitigated based on specific BlueRock mechanisms:

Scrolling down on that side right most panel, we see detailed explanations about how BlueRock mechanisms neutralize this corresponding CVE:

CISA KEV (Future Mechanisms)

Similar to the CISA KEV (Current Mechanisms), this page shows a combined view of all CVEs that are both currently neutralized by existing BlueRock mechanisms as well as by future BlueRock mechanisms that are on the product roadmap.

For more details about specific future BlueRock mechanism release dates, please contact BlueRock customer support.

CISA KEV (Excluded CVEs)

Based on customer feedback, this page illustrates the subset of CVEs in the CISA KEV that BlueRock cannot neutralize based on both current and future BlueRock mechanisms.

As new BlueRock mechanisms are implemented and added to product roadmaps, all views will dynamically adjust to show updated coverage.

All CVE Details

Beyond the KEV

While the KEV highlights the most painful CVEs at the moment, it’s not everything security operators need to worry about. That’s why BlueRock EVC covers more than just the CISA KEV.

Specifically, BlueRock EVC:

  • Continuously tracks and monitors all CVEs published on or after 2025 (as reported through the MITRE CVE Program)

  • Continuously tracks and monitors all CVEs updated by the NIST National Vulnerability Database on or after 2025 (This also includes older CVEs that have been recently updated by NIST NVD in 2025 or later)

On this page, use the top-left search box to find BlueRock coverage details for specific CVEs:

Want to search by multiple CVEs at a time? Check out our CVE Lookups support, next.

CISA KEV (Current Mechanisms) View
Example Vendor Slice View
Example CVE Specific View
Example Explanation of BlueRock Mechanisms in CVE Specific View
Example CVE Detail of Planned Coverage
CISA KEV (Excluded CVEs) View
CVE Details for All CVEs Processed By EVC