Where every claim in SecProve
comes from.
A dense reading catalog. Every claim is footnoted. Sort by source, filter by pillar, type, or recency. Built for analysts who want to see what we are standing on.
Data-driven model for estimating the probability that a vulnerability will be exploited in the wild. Uses ML to prioritize patching.
Test your knowledge · B3Authoritative list of vulnerabilities actively exploited in the wild. Used for prioritizing remediation — required for federal agencies.
Test your knowledge · B3CISA's decision-tree approach to vulnerability prioritization. Considers exploitation status, automatable exposure, and mission impact.
Test your knowledge · B3Common Vulnerability Scoring System version 4.0. The standard method for rating the severity of security vulnerabilities.
Test your knowledge · B3The U.S. government repository of standards-based vulnerability management data. Includes CVE entries, severity scores, and affected product references.
Test your knowledge · B3Annual threat landscape reports with empirical data on vulnerability exploitation timelines, patch adoption rates, and the efficacy of risk-based prioritization. Use for data-driven questions, not vendor comparisons.
Test your knowledge · B3Ready to test what you've learned?
Our questions are built directly from these resources. Take a quiz and see how your knowledge stacks up.