The truth about KEV: CISA’s vuln deadlines good influence on private-sector patching

More work to do as most deadlines are missed and worst bugs still take months to fix
The deadlines associated with CISA's Known Exploited Vulnerabilities (KEV) catalog only apply to federal agencies, but fresh research shows they're having a positive impact on private organizations too.…