Risk Spotlight

Risk Spotlight prioritizes vulnerabilities that pose a real risk to your organization using workload configuration, runtime context, exploitability, severity, and fixability. This cuts the noise of your CVE scanning results by more than 90% and helps you focus on the alerts that actually matter.
For any organization, there could be a large number of vulnerabilities, considering the number of workloads and images. To make fixing them more manageable, Risk Spotlight adds a new way of prioritizing vulnerabilities based on runtime behavior. This can significantly reduce the number of vulnerabilities that need immediate attention, making the vulnerability management process more effective.

It does this by combining the following information:

  • Entities that are external-facing
  • Entities that have vulnerabilities such as ones that:
    • Have their vulnerable package loaded into memory
    • Are exploitable according to EPSS and CISA-KEV
    • Are fixable
    • Have a severity of High or Critical

This way, it leads users to focus on the workloads most at risk and cuts through the noise of CVE scan results, reducing them by over 90% and helping you focus on the alerts that actually matter.
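The sketch below applies the criteria listed above to a handful of constructed scan findings and reports why each deprioritized finding was dropped. It is an added example, not Risk Spotlight's own code: the field names, the placeholder CVE ids, the EPSS cut-off of 0.1, and treating either a CISA-KEV listing or a high EPSS score as "exploitable" are all assumptions.

```python
from dataclasses import dataclass

EPSS_THRESHOLD = 0.1  # assumed cut-off; the page does not state one


@dataclass
class Finding:
    workload: str
    cve: str               # constructed placeholder ids, not real CVEs
    severity: str
    epss: float            # EPSS probability, 0.0 to 1.0
    in_kev: bool           # listed in the CISA KEV catalog
    fix_available: bool
    loaded_in_memory: bool  # vulnerable package observed loaded at runtime
    external_facing: bool


def exclusion_reasons(f):
    """Return the criteria a finding fails; an empty list means it is prioritized."""
    checks = [
        (f.external_facing, "not external-facing"),
        (f.loaded_in_memory, "package not loaded into memory"),
        # Assumption: either exploitability signal is sufficient.
        (f.in_kev or f.epss >= EPSS_THRESHOLD, "not exploitable per EPSS/KEV"),
        (f.fix_available, "no fix available"),
        (f.severity in ("High", "Critical"), "severity below High"),
    ]
    return [reason for passed, reason in checks if not passed]


def spotlight(findings):
    """Group prioritized CVEs by workload and compute the share of findings filtered out."""
    by_workload = {}
    for f in findings:
        if not exclusion_reasons(f):
            by_workload.setdefault(f.workload, []).append(f.cve)
    kept = sum(len(cves) for cves in by_workload.values())
    reduction = 1 - kept / len(findings) if findings else 0.0
    return by_workload, reduction


# Constructed sample data for illustration only.
SAMPLE = [
    Finding("payments-api", "CVE-EXAMPLE-0001", "Critical", 0.02, True, True, True, True),
    Finding("payments-api", "CVE-EXAMPLE-0002", "High", 0.45, False, True, False, True),
    Finding("payments-api", "CVE-EXAMPLE-0003", "Medium", 0.60, False, True, True, True),
    Finding("batch-worker", "CVE-EXAMPLE-0004", "Critical", 0.90, True, True, True, False),
    Finding("web-frontend", "CVE-EXAMPLE-0005", "High", 0.30, False, False, True, True),
    Finding("web-frontend", "CVE-EXAMPLE-0006", "High", 0.01, False, True, True, True),
    Finding("web-frontend", "CVE-EXAMPLE-0007", "High", 0.30, False, True, True, True),
]

if __name__ == "__main__":
    prioritized, reduction = spotlight(SAMPLE)
    print(prioritized, f"{reduction:.0%} of findings deprioritized")
    for f in SAMPLE:
        print(f.cve, exclusion_reasons(f) or "PRIORITIZED")
```

Keeping the exclusion reasons makes the filter auditable: a finding dropped only for lacking a fix still needs a compensating control, which a bare pass/fail result would hide.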