Pylarinos added: “There are several proactive steps that security teams can also take to mitigate vulnerabilities. If this news shows us anything, it’s the insecurity of relying solely on CVE data moving forward. CISA’s KEV [Known Exploited Vulnerabilities], vendor advisories, and private threat feeds, for example, can all be used to provide further context and a wider view of the vulnerability landscape.”
Pairing solid security fundamentals with active, real-time intelligence is enterprise security’s best bet.
“The integration of live threat intelligence, threat-informed training, and investment in internal penetration testing and threat modelling provides security teams with a more comprehensive overview of current threat levels and better identification of vulnerabilities,” Pylarinos concluded.