Research & blog
Field notes on making sense of the vulnerability firehose.
Jun 18, 2026 · 5 min read
Reading the KEV catalog: what “known exploited” really means
CISA's Known Exploited Vulnerabilities catalog is the highest-signal feed in vuln management — if you understand what inclusion does and doesn't imply.
Jun 10, 2026 · 4 min read
EPSS vs CVSS: scoring how likely, not just how bad
CVSS tells you how damaging a vulnerability could be. EPSS tells you how likely it is to actually be exploited. Triaging on one without the other is how teams drown.