Solid guide . One question how do you decide what’s actually exploitable vs just high severity on paper?
Vulnerability Check & Triage Walkthrough
2 Comments
Amara Graham
•
@[Andrey Turkin] CISA does that for me with their KEV (Known Exploited Vulnerabilities) Catalog. These are known to have already been exploited in the wild. I realized after I was using this as a datasource that the AI would probably always evaluate these as a high priority and requiring immediate mitigation. Oh well.
You can also find lists that are "just" CVEs and look really severe, but can't be exploited due to a variety of things. This is where I would leverage the AI tools companies are giving access to their source code and work collaboratively to determine if it's exploitable in that particularly setup/configuration/environment/etc.
Please log in to add a comment.
🔥 Join developers growing publicly
Share your knowledge, build in public, and grow your developer presence with a global community.
Please log in to comment on this post.
More Posts
- © 2026 Coder Legion
- Feedback / Bug
- Privacy
- About Us
- Contacts
- Premium Subscription
- Terms of Service
- Refund
- Early Builders
chevron_left
More From Amara Graham
Related Jobs
- Software Engineer, Test & Infrastructure II (Bilingual Spanish)Vail Systems · Full time · Springfield, IL
- Psychological Operations (PSYOP) / MISO Planner / Technical Site Lead, Tampa, FL; Amman, Jordan - TS-SCIPeraton · Full time · United Arab Emirates
- Frontend React Developer - TAMPACitigroup Inc · Full time · Tampa, FL
Commenters (This Week)
Josaphatstar
3 comments
webMethodMan
1 comment
Naveeeya
1 comment
Contribute meaningful comments to climb the leaderboard and earn badges!