Stack Exposure Check

See which CISA advisories hit your stack right now

Pick the tools your company uses. We cross-reference them against the CISA Known Exploited Vulnerabilities catalog, FIRST EPSS scores, and NIST NVD severity data, and show you every active advisory in your stack. Free, no account, no email required. Takes 30 seconds.

CISA KEV FIRST EPSS NIST NVD ← Back to the live CISA KEV globe

Identity

SSO, identity providers, directory services

Productivity & Collaboration

Email, calendar, documents, chat

Cloud Infrastructure

IaaS, CDN, DNS

Developer Tooling

Source control, observability

Sales, Ops, Payments

CRM, marketing, billing

Data & Analytics

Warehouses, lakes, analytics

Security & Network

EDR, firewall, VPN, vulnerability scanning

Your selection is processed on submit and discarded after the report renders. We do not store what you picked or associate it with anything.

What this tool does, honestly

You pick the vendors you use. We query our local copy of the CISA Known Exploited Vulnerabilities catalog for CVEs where the affected vendor matches your pick. You see the CVE IDs, CVSS scores, EPSS likelihood, CISA's patch deadlines, and a link to each NVD advisory.

This is a vendor-level match, not a product-level match. If you pick "Microsoft" and Microsoft has a CVE in Windows Server that you do not run, that CVE will still show in your report. Read each entry's description to judge applicability. The tool is a starting point, not a definitive audit.