CISA KEV corresponding exploits and Nuclei detection rules, filtered
Description
The study dataset comprises selected vulnerabilities from the Cybersecurity and Infrastructure Security Agency's (CISA) Known Exploited Vulnerabilities (KEV) catalogue. The dataset preparation involved multiple filtering and enrichment steps: Initial Filtering: Vulnerabilities disclosed from 2020 onwards were selected, focusing exclusively on those with Network-based Attack Vectors according to their Common Vulnerability Scoring System (CVSS) classification. Detection Rule Validation: The filtered vulnerabilities were cross-referenced with detection rules available in Ostorlab's GitHub repository, retaining only those vulnerabilities with corresponding detection rules. Exploit Collection: For each of the selected vulnerabilities, the associated exploit code was retrieved. The final dataset contains 123 unique exploits corresponding to 71 distinct Common Vulnerabilities and Exposures (CVEs), each paired with its respective Nuclei detection rule.
Files
Institutions
- NASK Instytut Badawczy