Risky Bulletin

Sponsored: Filtering the KEV was really hard … Until now!

Feb 15, 2026
Todd Beardsley, VP of Security at RunZero and former operator of CISA’s KEV catalog, discusses Kevology and filtering KEV for real exploitability. He covers the limitations of one-size-fits-all patching mandates, the signals used to find truly exploitable RCEs, how to prioritize end-of-life systems, and why some exposures need operational fixes rather than patches.
INSIGHT

KEV Lacks Built-In Prioritization

  • The KEV list is a raw catalog lacking prioritization beyond presence on the list.
  • Todd Beardsley combined KEV data with other signals to enable meaningful filtering.
ADVICE

Filter KEV By Exploitability Attributes

  • Filter KEV by specific CVSS base-metric attributes (network attack vector, AV:N; no user interaction, UI:N; high integrity impact, I:H) rather than by the raw severity score.
  • Use RunZero's Kev Collider or the paper's methodology to get actionable subsets of KEV vulnerabilities.
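The filter described above, as an added example that is not code from the episode, from RunZero, or from the paper it mentions. The KEV JSON feed published by CISA carries no CVSS data of its own (its records have fields such as cveID, vendorProject, product, dateAdded and knownRansomwareCampaignUse), so the CVSS vectors have to be joined in from another source such as NVD. Here that join is simulated with a constructed inline table; every CVE ID and vector below is made up, and the optional PR:N tightening is this example's addition, not something the snip states.

```python
"""
Added example, not code from the episode or from RunZero: join KEV entries with
CVSS v3.x vectors and keep the ones shaped like an unauthenticated network RCE
(AV:N, UI:N, I:H).  CISA's KEV JSON carries no CVSS data, so the vectors must be
joined in from another source such as NVD; here they are a constructed inline
table.  All CVE IDs and vectors below are invented.
"""
import json

# Constructed KEV-style records.  Field names follow CISA's feed; values are invented.
KEV_JSON = json.dumps({
    "vulnerabilities": [
        {"cveID": "CVE-0000-0001", "vendorProject": "ExampleVendor", "product": "EdgeGateway",
         "dateAdded": "2026-02-01", "knownRansomwareCampaignUse": "Known"},
        {"cveID": "CVE-0000-0002", "vendorProject": "ExampleVendor", "product": "DesktopAgent",
         "dateAdded": "2026-02-03", "knownRansomwareCampaignUse": "Unknown"},
        {"cveID": "CVE-0000-0003", "vendorProject": "ExampleVendor", "product": "WebMail",
         "dateAdded": "2026-02-05", "knownRansomwareCampaignUse": "Unknown"},
        {"cveID": "CVE-0000-0004", "vendorProject": "ExampleVendor", "product": "APIServer",
         "dateAdded": "2026-02-07", "knownRansomwareCampaignUse": "Unknown"},
        {"cveID": "CVE-0000-0005", "vendorProject": "ExampleVendor", "product": "Firewall",
         "dateAdded": "2026-02-09", "knownRansomwareCampaignUse": "Known"},
        {"cveID": "CVE-0000-0006", "vendorProject": "ExampleVendor", "product": "LegacyPBX",
         "dateAdded": "2026-02-11", "knownRansomwareCampaignUse": "Unknown"},
    ]
})

# Constructed CVSS v3.1 vectors keyed by CVE ID (stand-in for an NVD lookup).
CVSS_BY_CVE = {
    "CVE-0000-0001": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",  # unauth network RCE shape
    "CVE-0000-0002": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",  # local only
    "CVE-0000-0003": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",  # needs a click
    "CVE-0000-0004": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",  # read-only leak
    "CVE-0000-0005": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",  # network, but needs a low-priv account
    # CVE-0000-0006 deliberately has no vector: KEV entries without CVSS must not vanish silently.
}

REQUIRED_METRICS = ("AV", "AC", "PR", "UI", "S", "C", "I", "A")


def parse_cvss_vector(vector: str) -> dict:
    """Split a CVSS v3.x vector string into {metric: value}; reject anything else."""
    prefix, *parts = vector.split("/")
    if not prefix.startswith("CVSS:3."):
        # v2 and v4 use different metric names (v4 has VC/VI/VA), so refuse rather than misread.
        raise ValueError(f"unsupported CVSS vector: {vector!r}")
    metrics = {}
    for part in parts:
        key, sep, value = part.partition(":")
        if not sep or not value:
            raise ValueError(f"malformed metric {part!r} in {vector!r}")
        metrics[key] = value
    missing = [m for m in REQUIRED_METRICS if m not in metrics]
    if missing:
        raise ValueError(f"vector {vector!r} lacks base metrics {missing}")
    return metrics


def is_network_rce_shaped(metrics: dict, require_no_privileges: bool = False) -> bool:
    """The three attributes named in the snip (AV:N, UI:N, I:H), plus optional PR:N tightening."""
    hit = metrics["AV"] == "N" and metrics["UI"] == "N" and metrics["I"] == "H"
    if require_no_privileges:
        hit = hit and metrics["PR"] == "N"
    return hit


def filter_kev(kev_json: str, cvss_by_cve: dict, require_no_privileges: bool = False):
    """Return (matching CVE IDs, CVE IDs with no CVSS available), both in KEV feed order."""
    kept, unscored = [], []
    for entry in json.loads(kev_json)["vulnerabilities"]:
        cve = entry["cveID"]
        vector = cvss_by_cve.get(cve)
        if vector is None:
            unscored.append(cve)  # surface for manual triage instead of dropping
            continue
        if is_network_rce_shaped(parse_cvss_vector(vector), require_no_privileges):
            kept.append(cve)
    return kept, unscored


if __name__ == "__main__":
    kept, unscored = filter_kev(KEV_JSON, CVSS_BY_CVE)
    print("network / no user interaction / high integrity:", kept)
    print("no CVSS data, review by hand:", unscored)
    strict, _ = filter_kev(KEV_JSON, CVSS_BY_CVE, require_no_privileges=True)
    print("same filter, also requiring PR:N:", strict)
```

Two design points a practitioner would care about: entries with no CVSS vector are returned in a separate bucket rather than silently discarded, since a KEV entry that nobody has scored is still a known-exploited bug; and the parser refuses CVSS v2 and v4 vectors outright, because v4 renames the impact metrics and a naive string match would quietly misclassify them.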
INSIGHT

KEV Isn't Always 'Worst Of The Worst'

  • Not all KEV entries are the