How Our Cutting-Edge New Capability Makes You More Secure and Compliant With CISA BOD 22–01.

CISA BOD 22-01 — Reducing the Significant Risk of Known Exploited Vulnerabilities 

  • New Tech. The powerful Trinity Cyber service decrypts, stages, and deeply inspects the content of network traffic to look for the actual presence of KEV exploit attempts—not for hashes and IOCs—and the technology can modify the traffic to prevent the attempt from working, without disruption business continuity.
  • New Capability. The industry is no longer confined to the binary option of block or allow—it can now see the problem and DO SOMETHING ABOUT IT.
  • Immediate Results. The accuracy and fidelity of this approach allows Trinity Cyber to deploy enduring, high fidelity, automated controls that detect and mitigate all the actively exploited CVEs that contain known network artifacts on the KEV list, which equates to overnight mitigation.
  • Affordable. The team at Trinity Cyber manages this technology as a service for the cost, depending on the size of the customer network, of two or three FTEs.

Learn More About Each Mandate


CISA BOD 22-01 Compliance

  • CISA keeps a catalog of more than 800 known exploited vulnerabilities (KEV)
  • All federal civilian executive branch (FCEB) agencies are required to remediate vulnerabilities in the KEV catalog
  • Trinity Cyber automatically mitigates all vulnerabilities in the KEV catalog for which there is an active exploitation or published proof of concept (POC) – Regardless of IOC, the Trinity Cyber difference is its enduring nature and automated mitigation

"Trinity Cyber’s profound technical breakthrough is designed expressly to 'shift the advantage to the defenders.' I and the Trinity Cyber team are delighted that the Biden Administration’s National Cybersecurity Strategy recognizes that as the core goal for our country."

Thomas P. Bossert, President at Trinity Cyber, Inc.

Worried about these mandates? We have you covered. Learn more below.