KEVs Open the Door, Ransomware Kicks It In: The Lifecycle of a Known Exploited Vulnerability
kimb3r
SAINTCON 2025 · Day 4 · Main Track 3
In this insightful SAINTCON presentation, Kimber, Director of Product at VulnCheck and President of 801 Labs, dissects the multifaceted **lifecycle of a Known Exploited Vulnerability (KEV)**, illustrating how these critical security flaws rapidly escalate from initial discovery to widespread exploitation by ransomware gangs. The talk serves as a crucial guide for vulnerability management professionals, offering a pragmatic framework for understanding attacker motivations and the progression of threats. Kimber challenges the traditional reliance on static vulnerability scoring, advocating for a dynamic, context-rich approach to defense that leverages exploit intelligence.