
From Two Weeks to Three Days: The KEV Deadline Debate
From Safe Mode Podcast by Safe Mode Podcast
May 29, 2026 · 37 min
About this episode
Todd Beardsley discusses the complexities of adding vulnerabilities to the KEV catalog and the implications of changing deadlines for federal agencies.
Drawing on his experience from his time in government working directly on CISA’s Known Exploited Vulnerabilities (KEV) catalog, Todd Beardsley, VP of Security Research at runZero, explains what it actually took behind the scenes to get a vulnerability added: verifying that real exploitation occurred, confirming the incident mattered to federal interests (including state/local governments, critical infrastructure, or allied nations), and ensuring there was a concrete remediation option before publishing. He walks Greg through how those judgments tied back to Binding Operational Directive 22-01 and how deadlines were set and adjusted from the two-week baseline—context that frames the recent trend toward three-day turnaround requirements. From that insider perspective, Beardsley outlines the practical risks of compressing timelines (especially around testing and change-control realities across 100+ civilian agencies) and why ultra-short deadlines can dilute KEV’s value as an “urgency signal,” even as they may push agencies to modernize staffing, automation, and patch processes to respond faster.
People in this episode
Host: Greg
Guest: Todd Beardsley
Topics covered
- vulnerability management
- CISA
- Known Exploited Vulnerabilities
- government policy
- security research
- incident response
Keywords
- vulnerability
- KEV
- CISA
- security
- incident
- remediation
- deadlines
- government
- agencies
Mentioned in this episode
Organizations: CISA, runZero, federal interests, Binding Operational Directive 22-01, civilian agencies
More episodes of Safe Mode Podcast
- Why the autonomous SOC Is the wrong goal · June 11, 2026 · 34 min
- The last layer standing · June 4, 2026 · 36 min
- Can specialized security survive Daybreak and Mythos? · May 21, 2026 · 38 min
- Why access brokers have stubbornly remained successful · May 14, 2026 · 32 min
- Can you prove which agent did what? · May 7, 2026 · 28 min
- How government and Industry can raise the cost of cybercrime · April 30, 2026 · 43 min
Explore listener stats, chart rankings, contacts and more on the Safe Mode Podcast podcast page.