-
Security updates
-
Product news
-
Next-Gen Vulnerability Management
-
Getting started
-
General
-
Operating status
-
Network & System Security
-
Web Application Security
-
Cloud Security
-
API Security
-
Phishing Simulation & Awareness Training
-
Attack Surface Management
-
Scanner Appliance
-
Device Agent
-
On-premise platform deployment
-
Asset management
-
Vulnerability manager
-
Reports
-
Digest reports
-
Organizer
-
Continuous monitoring
-
Integrations
-
Platform API
-
Remediation
-
Users
-
PCI DSS
-
Terms & conditions
-
Dashboard
What are the sources used for known exploits?
When the setting Include vulnerabilities with known exploits is turned on, we identify vulnerabilities where known exploits are available in the wild.
For this, we monitor a number of sources of information that are continuously reviewed and used to update our vulnerability tests:
- CISA list
The known Exploited Vulnerabilities Catalog is based on evidence of active exploitation. - Vulncheck list
The known Exploited Vulnerabilities Catalog is based on evidence of active exploitation. - ExploitDB
A repository for exploits and proofs-of-concept. - Metasploit
Penetration testing platform that enables you to write, test, and execute exploit code.