The hound fated to always catch its quarry — Laelaps never loses the scent of an actively-exploited vulnerability.
CISA's Known Exploited Vulnerabilities catalog is the single best “fix this now” signal in security — these aren't theoretical CVEs, they're being exploited in the wild today. But pulling KEV out of thousands of findings and grouping it into something a patch team can act on is tedious, manual, and easy to let slide.
Laelaps instantly finds and tags every actively-exploited vulnerability in the estate. It works off the CISA-KNOWN-EXPLOITED cross-reference to tag all KEV assets at once, by catalog date, or by month in one click — and answers natural-language KEV hunts on top. The result is an exploitability backbone the entire pack keys off.
Laelaps runs against the local navi.db built from your Tenable data: the vulns.xrefs field (CISA-KNOWN-EXPLOITED) with catalog dateAdded parsing for date- and month-level grouping. All writes are proposed, human-approved, and logged.
Illustrative results from a demo lab — not a guarantee. KEV signals depend on scan coverage; blind or uncredentialed hosts are called out, not hidden.
Laelaps feeds the pack's heaviest hitters: Fenrir uses KEV as foothold evidence in attack paths, Pythia crosses it with AI assets, Heimdall folds it into crypto migration priority, and On the Scent rolls it into the executive exposure view.
Vulnerability management leads who need a defensible “patch this first” list, and patch prioritization owners who plan remediation in waves, not one CVE at a time.
Ask Laelaps what's actively exploited in your estate — it always catches its quarry.