Home
Known Exploited Vulnerabilities Content Pack (Add-on)
The Known Exploited Vulnerabilities Content Pack utilizes a collection of BigFix Fixlets to identify the endpoints with vulnerabilities that are prone to exploits.
Enable BigFix KEV Content Pack Site
This topic provides instructions on how to enable the Known Exploited Vulnerabilities (KEV) Content Pack and subscribe computers to the site.

Known Exploited Vulnerabilities Content Pack (Add-on)
The Known Exploited Vulnerabilities Content Pack utilizes a collection of BigFix Fixlets to identify the endpoints with vulnerabilities that are prone to exploits.
- Known Exploited Vulnerabilities: Overview
  The Known Exploited Vulnerabilities (KEV) Content Pack is a collection of BigFix Fixlets that is derived from extensive research of the CISA KEV catalog, NVD, and Vendor Advisories. This KEV Content Pack provides BigFix operators with the ability to quickly identify endpoints with vulnerabilities that are high-risk and time-sensitive given that they are known to have been exploited or are actively being exploited.
- Enable BigFix KEV Content Pack Site
  This topic provides instructions on how to enable the Known Exploited Vulnerabilities (KEV) Content Pack and subscribe computers to the site.
- KEV Scanner Policy Action Management
  BigFix provides four utility tasks to facilitate the deployment, execution, and configuration of the Known Exploited Vulnerabilities (KEV) Scanner. The KEV Scanner is necessary to identify certain CVEs (for more details on which CVEs require the KEV Scanner, refer to BigFix Wiki at BigFix Known Exploited Vulnerabilities (KEV) Content Pack).
- ***

Enable BigFix KEV Content Pack Site

This topic provides instructions on how to enable the Known Exploited Vulnerabilities (KEV) Content Pack and subscribe computers to the site.

Procedure

In the License Overview Dashboard navigate to the Vulnerability Add On domain.
In the site list, find the kevcontent site and click Enable. The site gets enabled.
To subscribe computers to the site, click the site name.
From the Computer Subscriptions tab, indicate which subset of your BigFix Client computers you want to subscribe to this site. Select a suitable option:
- All Computers. Select this option to automatically subscribe all Clients to this site.
- No Computers. Select this option if you are not yet ready to subscribe any computers.
- Computers which match the condition below. Select this option to describe a set of criteria that must all evaluate to TRUE before a BigFix Client is subscribed. From the pull-down menu, you can select from dozens of properties to test for inclusion.
For information on how to subscribe computers to the site, refer to Computer Subscriptions Tab.