Some users may experience issues accessing the case portal. For more information, please click here.

This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
mhotujec
Level 3
‎Nov 15, 2021 02:18 PM

CISA BOD 22-01 and Known Exploited Vulnerabilities

Does Flexera have any intention to somehow integrate the new CISA Known Exploited Vulnerabilities list (Reducing the Significant Risk of Known Exploited Vulnerabilities), announced as part of CISA BOD 22-10 (cyber.dhs.gov - Binding Operational Directive 22-01)? 

It sounds like this is similar to the Threat rating offered by Flexera, but I would love to be able to include/exclude vulnerabilities in Smart Groups based on their presence on the new CISA list.  Or as a toggle within Smart Group Results (secure, end of life, insecure, CISA list).

 

Thanks.

 

 

0 Kudos

This thread has been automatically locked due to inactivity.

To continue the discussion, please start a new thread.
1 Reply
bkelly
Moderator Moderator
Moderator
‎Nov 16, 2021 12:16 PM

Thanks for your question. We consider a very broad range of vulnerability intelligence as sources for our advisories, including this. However, we do not currently have plans to expose this as distinct metadata. If this specific source is of special value to you and you would like to see it surfaced as a detail on which you might base a smart group, please suggest such as an enhancement request in our Ideas portal at https://flexerasfdc.ideas.aha.io/ideas?project=SVM so we can better track this request and consider the interest of other customers as part of our prioritization process. 

0 Kudos