Latest news with #KEV


Techday NZ
22-05-2025
- Business
- Techday NZ
Picus launches tool for real-time validation of exploitable risks
Picus Security has introduced a new capability designed to help security teams determine which vulnerabilities in their environments are actually exploitable. The new feature, called Picus Exposure Validation, uses real-time attack simulations to provide evidence-based assessments of vulnerability risks within a specific organisation's environment. This approach aims to address the challenge of large numbers of vulnerabilities that are often identified but not all requiring immediate attention or remediation. With more than 40,000 new Common Vulnerabilities and Exposures (CVEs) disclosed in 2024 - with 61% ranked as high or critical - security teams often struggle to respond effectively, as traditional vulnerability management methods can lead to inefficient allocation of resources. Picus Security says the new capability assists security teams in distinguishing between vulnerabilities that can actually be exploited in their unique systems and those that can be safely deprioritised. Traditional vulnerability management is typically driven by severity metrics such as Common Vulnerability Scoring System (CVSS) and Exploit Prediction Scoring System (EPSS), which provide generalised risk indicators but may not account for an individual organisation's existing security controls and asset criticality. Picus Exposure Validation aims to fill this gap with the Picus Exposure Score, an evidence-based, context-aware metric intended to reflect actual risk, according to the company. The system continuously tests security controls using real-world attack techniques to determine whether known vulnerabilities can be exploited given the organisation's current defences. The findings are automatically updated and presented in transparent reports, enabling quicker and more confident decision-making in response to new security threats. Volkan Ertürk, Co-Founder and Chief Technology Officer at Picus Security, commented: "The challenge today isn't finding vulnerabilities, it's knowing which ones matter in your unique environment. CVSS, EPSS and KEV offer theoretical risk signals. Picus Exposure Validation delivers proof by testing threats against your production defenses in real time. It replaces assumptions with evidence so security teams can focus on vulnerabilities that are actually exploitable." Key features highlighted by the company include the ability for security teams to more accurately prioritise remediation work, safely deprioritise less urgent vulnerabilities, and reduce manual workloads through the use of automated validation processes. The solution is said to include tailored recommendations to quickly improve the effectiveness of security controls, offering an alternative when immediate patching is not feasible. A global industrial firm reported that, upon deploying Picus Exposure Validation, it was able to reduce its list of critical patches by 85%. Based solely on CVSS ratings, 63% of the vulnerabilities in the organisation's systems were initially classified as critical. However, after applying Picus Exposure Validation, it was found that only 9% of those were truly high risk and required prioritisation. This reduction reportedly saved the organisation thousands of hours on patching activity and allowed the security team to focus resources more efficiently. The company positions Picus Exposure Validation as a new methodology for combining data about vulnerabilities with automated attack simulation to create an organisation-specific analysis of exploitability. This approach, according to Picus, offers security teams a more focused view on where to deploy efforts for mitigation and remediation and thereby enables more effective closing of security gaps. The Picus Exposure Validation feature is now available to organisations seeking enhanced vulnerability validation for their own environments. Follow us on: Share on:
Yahoo
28-01-2025
- Health
- Yahoo
Proposed Kentucky house bill would create emergency volunteer corps
FRANKFORT, Ky. (FOX 56) — State lawmakers are hard at work during the legislative session, already filing several bills in both the state house and state senate. One proposed house bill could greatly impact how the state responds to emergencies in the future. If passed, House Bill 41, filed by Rep. John Hodgson (R-Jefferson) and Sen. Aaron Reed (R-Shelbyville), would establish the Kentucky Emergency Volunteer Corps, or KEV. This group of volunteers would help assist first responders and emergency management personnel across the state whenever Kentucky faces an emergency like flooding, tornadoes, or, as was the case this month, extreme snow and ice. Read more of the latest Lexington & central Kentucky news In recent years there's been an uptick in those kinds of events and with more likely in the future, Hodgson said now is the time for Kentucky to prepare. He said the KEV would be a key resource for quicker response while also preventing first responders from getting overworked. 'I think people take a lot more ownership in the community when they volunteer for it; they get some fulfillment of that,' Hodgson said. 'I think we could create a group of volunteers at each county that are reporting to that county emergency manager that have been trained to standardize levels and have a uniform. So, when the disaster occurs. But the county emergency management manager can call everybody out; let's go to work. Let's direct traffic loss, distribute water, get on the radio, remove storm damage.' If the bill does pass this legislative session, there would be a few requirements one would have to meet to become a KEV member. Proposed Kentucky house bill would create emergency volunteer corps Fayette County board renews Superintendent Liggins' contract after weeks of controversy Respiratory illnesses are widespread in the Bluegrass Those requirements include: Being between the ages of 18-64. Pass a background check. Be physically able to perform various tasks (depending on the role). Complete one-week basic training and FEMA training class. Regardless of whether or not the bill passes, Hodgson said it highlights something that has become a part of the Kentucky way. That is Kentuckians' willingness to always help their neighbors before helping themselves. Specifically, in some of the more rural parts of the state, Hodgson said there has never been a moment where he hasn't seen people helping someone else during a time of need, from changing a flat tire to when we have seen tornadoes or floods destroy parts of the state. He's confident that should this bill get passed, there will be no shortage of people wanting to volunteer. Child sex offenders could be banned from trick-or-treating under Lexington lawmaker's bill Hodgson also feels this bill could also be an avenue for young people who have an interest in giving back. 'They say that as a nation, our readiness of youth that are eligible to join the service, about 77% of them can't meet the qualifications because they're out of shape,' Hodgson explained. 'I think that's a national security concern, so it'll help kids get more active, get more, get training, get more competency in responding to emergencies. Stuff that my generation may have had to learn growing up but the modern electronic generation might not.' Hodgson said he's confident if the bill passes as well, it will be a great connector between generations, as there will be a shared commitment to service from those young and old that volunteers can use to relate with one another. Copyright 2025 Nexstar Media, Inc. All rights reserved. This material may not be published, broadcast, rewritten, or redistributed.