- July 24, 2023
- Scott Kuffer
Categorizing the CISA KEV by Technology Type
When we first built the CISA KEV enrichment dashboard at Nucleus, our goal was to gain new insights into the vulnerabilities that had been confirmed by CISA as being exploited.
To offer a comprehensive understanding of CISA KEV, I categorized all entries by technology type and created an interactive data visualization that makes it easy to explore. Data visualization is a powerful tool for quickly interpreting complex information. For this purpose, I designed a zoomable circle packing chart, which effectively represents large datasets visually. This chart allows users to gain insights into the distribution of KEV entries across different technology categories effortlessly.
Before creating the data visualization, I categorized all the CISA KEV entries based on their respective technology domains. The resulting categories are as follows:
- Operating System – 235 entries
- Network – 182 entries
- Browser – 96 entries
- Productivity Software – 66 entries
- Development Platform – 65 entries
- Open Source Software – 51 entries
- Email – 34 entries
- Mobile Devices – 32 entries
- Browser Plug-in – 31 entries
- Content Management System – 23 entries
- Virtualization – 20 entries
- Security Tool – 19 entries
- Compute Hardware – 17 entries
- File Transfer – 16 entries
- Identity – 16 entries
- Network Storage – 13 entries
- Data – 12 entries
- Collaboration Platform – 11 entries
- Other – 8 entries
- CRM (Customer Relationship Management) – 7 entries
- Configuration Management – 7 entries
- Industrial Control System – 7 entries
- Backup – 5 entries
- Remote Management – 3 entries
The Zoomable Circle Packing Chart:
The resultant data visualization showcases a zoomable circle packing chart, providing users with a seamless exploration experience. By interacting with the chart, users can explore the number of KEV entries attributed to each technology category and further drill down to view the specific vendors and products impacted.
Key Findings:
The data visualization yielded compelling insights, underscoring the significance of comprehending the technology categories that are most common in CISA KEV. Notably, the following four technology domains accounted for a substantial 59% of all KEV entries:
- Operating System
- Network
- Browser
- Productivity Software
These findings emphasize the critical role these technology areas play and help us understanding where we should consider focusing on implementing strong vulnerability management practices to help reduce an organizations risk.