The Exploitability Intelligence Gap: What Security Teams Can Know Before CISA KEV
What can (and should) security teams know before a vulnerability is added to CISA KEV?
In this webinar, we’ll share original research based on new entries to the CISA KEV catalog since Oct 2025, of which 18% surfaced clear exploitability signals days and even weeks before KEV listing. We will share our deep dive into the 36% that were identified as exploited before KEV and the remaining 64% that were exploitable with no identified pre-KEV exploitation.
We’ll break down what those findings mean for vulnerability and exposure management teams, how public proof-of-concept (PoC) and EPSS behaved before and after KEV, and why AI-driven research is the key in a world where exploitation windows are shrinking to days.
What You Will Learn
- Why some vulnerabilities become decision-ready days before CISA KEV
- What the exploit timelines for vulnerabilities in Notepad++, Chrome, Gogs, and FileZen reveal about earlier exploitability and exploitation signals
- When a public PoC should trigger action and why the absence of a PoC should not delay it
- Where EPSS helped, where it lagged, and what that means for real-world prioritization
- How to build a more practical, exploitation-informed decision model for vulnerability and exposure management teams