Atlas Overview

Correlating scans, exploit chatter, and asset criticality to show where risk is concentrating right now.

Clustered by service/team. Size = exposure, color = priority.

High

Elevated

Moderate

PAY Score 92

EDGE Score 78

ID Score 64

OBS Score 74

DATA Score 59

Factors: Exploit Chatter EPSS/CVSS Asset Criticality Internet Exposure

Tip: Click a cluster to drill down. Pan/zoom are mocked in this static prototype.

Last 7 days · Sources: advisories + social + repos

Spike: Wed 14:00Z Top mentions: CVE-2023-44487 (HTTP/2), CVE-2024-3094 (supply chain)

High

Spike: Fri 19:00Z PoC referenced for CVE-2024-6387 (OpenSSH)

Elevated

Applied to current scope: Prod

RCE + Internet-facing + Critical service 38% of total risk score contribution

Known-exploited + Patch available 24% of total risk score contribution

High EPSS + Broad asset spread 17% of total risk score contribution

Sorted by Priority Score · Filters persist per user

Only exploitable Owners: 12

Priority	CVE	Affected assets	Criticality	Exploit signal	Patch availability	SLA due	Owner	Status
92	CVE-2024-3094 xz/liblzma supply chain	18 (Payments API)	Tier 0	KEV + PoC	Upgrade available	Dec 13	FinOps	Queued
88	CVE-2023-44487 HTTP/2 Rapid Reset	64 (Edge NGINX)	Tier 1	Trending	Config mitigation	Dec 15	Web Platform	In progress
74	CVE-2024-6387 OpenSSH regreSSHion	21 (Bastions)	Tier 2	PoC referenced	Patch available	Dec 21	Infra Ops	Watch
67	CVE-2024-21626 runc container escape	9 (K8s Nodes)	Tier 1	Low chatter	Upgrade available	Dec 28	Platform Eng	Queued

Row evidence example (expand)

Selected from the table

Priority 92

Remediation summary

Remove affected xz/liblzma versions from fleet images and confirm sshd does not link against compromised builds.

Recommended path

Quick actions

Open Playbook

Playbook link: PBK-LNX-012 · "xz/liblzma emergency rollback"