KEVs are remediated in under 175 days on average, compared to 621 for non-catalog vulnerabilities, showing the positive effect of CISA's KEV list in the private sector.
Federal agencies have a 21-day deadline, while missing deadlines occurs 60% of the time; FCEBs are 56% more likely to meet deadlines than private sector organizations, according to Bitsight.
#cisa #known-exploited-vulnerabilities #private-organizations #vulnerability-remediation #patch-management
[
add
]
[
|
|
...
]