search

book-openUser Guide

Curious about what each visual means in EVC? Read on to learn more.

hashtag
CISA KEV (Current Mechanisms)arrow-up-right

Not every CVE is the same. Some are more painful than most. In recent years, CISA keeps track of which CVEs that usually cause the most pain for US Government organizations within their Known Exploited Vulnerabilities (KEV) catalogarrow-up-right. These are the subset of CVEs known to be actively exploited by threat actorsarrow-up-right across numerous real-world breaches.

Using BlueRock EVC AI, here is a snapshot of which CVEs in the CISA KEV that BlueRock helps neutralize:

CISA KEV (Current Mechanisms) View
circle-check

As new CVEs are added to the CISA KEV, this view and all other views will be dynamically updated within 24 hours or less.

hashtag
What Each Panel Means

  • Right Panel: Shows all of the CVEs in the CISA KEV by vendor. Includes all platform types and all vendors.

  • Middle Panel: Shows the subset of CVEs in the CISA KEV that pertain to Linux-based server or containerized workloads. This is the subset of CVEs relevant to BlueRock customers.

  • Left Panel: Shows the subset of CVEs in the CISA KEV that can be neutralized by BlueRock.

hashtag
Clickable Vendor Slices

Each vendor slice of the donut chart is clickable, giving you specifics about which CVEs are covered by BlueRock (blue checkmarks), as shown in the image below:

Example Vendor Slice View

hashtag
Clickable, Explainable CVEs

For additional detail, click further on a given CVE to see a deeper CVE-specific view, explaining how a covered CVE is mitigated based on specific BlueRock mechanisms:

Example CVE Specific View

Scrolling down on that side right most panel, we see detailed explanations about how BlueRock mechanisms neutralize this corresponding CVE:

Example Explanation of BlueRock Mechanisms in CVE Specific View

hashtag
CISA KEV (Future Mechanisms)arrow-up-right

Similar to the CISA KEV (Current Mechanisms), this page shows a combined view of all CVEs that are both currently neutralized by existing BlueRock mechanisms as well as by future BlueRock mechanisms that are on the product roadmap.

Example CVE Detail of Planned Coverage
circle-info

For more details about specific future BlueRock mechanism release dates, please contact BlueRock customer support.

hashtag
CISA KEV (Excluded CVEs)arrow-up-right

Based on customer feedback, this page illustrates the subset of CVEs in the CISA KEV that BlueRock cannot neutralize based on both current and future BlueRock mechanisms.

CISA KEV (Excluded CVEs) View
circle-check

As new BlueRock mechanisms are implemented and added to product roadmaps, all views will dynamically adjust to show updated coverage.

hashtag
All CVE Detailsarrow-up-right

Beyond the KEV

While the KEV highlights the most painful CVEs at the moment, it’s not everything security operators need to worry about. That’s why BlueRock EVC covers more than just the CISA KEV.

Specifically, BlueRock EVC:

On this page, use the top-left search box to find BlueRock coverage details for specific CVEs:

CVE Details for All CVEs Processed By EVC

Want to search by multiple CVEs at a time? Check out our CVE Lookups support, next.

PreviousEVC Portal AccessNextCVE Lookups

Last updated

Was this helpful?