Cyberthreat intelligence provider VulnCheck Inc. today announced the launch of the VulnCheck KEV catalog, a new free offering available as part of the its community.

The catalog for KEV, or known exploited vulnerabilities, provides security teams advanced intelligence on vulnerabilities that have been exploited in the wild so they can better manage threats, solve the prioritization challenge and outpace adversaries.

It has been designed to assist in addressing the rapid growth and exploitation of vulnerabilities. Currently, VulnCheck tracks 876 more vulnerabilities exploited in the wild than the U.S. Cybersecurity and Infrastructure Agency and alerts customers before exploits are added to the CISA KEV catalog on average 27 days earlier.

VulnCheck’s KEV catalog gives cybersecurity vendors and vulnerability management teams faster, broader coverage in an efficient machine-readable dataset needed for detection, prioritization and remediation.

“The CISA KEV catalog continues to be an invaluable tool and driving force in our industry, but there is an opportunity for broader visibility and often earlier indicators into known exploitation,” said founder and Chief Executive Anthony Bettini. “This is why we decided to offer a community resource that provides broader known exploited vulnerability intelligence and reference materials, all delivered at machine speed.”

Key features of the new VulnCheck’s KEV catalog include comprehensive tracking, providing security teams with the largest real-time collection of known exploited vulnerabilities. The free offering encompasses all vulnerabilities listed in the CISA KEV catalog, plus about 80% more reported as exploited in the wild.

The catalog adds what VulnCheck describes as much-needed context to CVEs, including supplementary external links to exploit content available in VulnCheck XDB that references publicly available exploit proof of concept code where possible. VulnCheck also provides citations for each and every CVE, giving security teams a clearer picture of why the vulnerability is on the list. When threat actors, ransomware groups or botnets are involved in the vulnerability exploitation, VulnCheck cites evidence.

Founded in 2021, VulnCheck is a venture capital-backed startup, having raised $3.2 million in funding, according to Tracxn. Investors include Sorenson Ventures Inc., In-Q-Tel Inc., Lux Capital LLC and Aviso Ventures Inc.

Image: VulnCheck