MYTHAL · MISSION CONTROL
CONCEPT 01 · BLOOMBERG/DATADOG LINEAGE
14:32:08 UTC
AGENT FABRIC ONLINE CISA KEV LIVE 8 OT VETOS ACTIVE 26 CRIT OPEN
OPEN CRIT
26
▲ +4 (24h)
KEV-LISTED
4
CISA
MTR
18m
▼ -22d baseline
PATCHES 24h
240
▲ +85
OT COMP. CTRL
52
veto path
ASSETS
4310
OT 630 · CCS 575
AGENT MSG/MIN
147
peak 312
EVIDENCE
1024
TSA · NIST · IEC
Agent fabric · live
Supervisor8
01Scanner Liaison312
02Threat Intel298
03Patch Hunter256
04Impact Analyst241
05Change Risk238
OT Safety82
07Planner156
08Executor240
09Verifier240
10Compliance1024
Inventory2087
Feeds · live
CISA KEV1602
NVDSYNC
QualysOK
ClarotyOK
Rapid7DEG
▸ Estate Topology · MCR 4310 assets · 53 zones · refresh 8s 
          ┌─────────────────────────────────────────────────────────────────┐
          │                    CORPORATE IT ZONE                             │
          │   ◉◉◉◉◉◉◉◉◉◉◉◉◉◉◉◉◉◉◉◉◉◉◉◉◉◉◉◉◉◉◉◉◉◉◉◉◉◉◉◉  3,578 assets         │
          │   ws-corp · ws-fin · ws-hr · exchange · sharepoint · sql         │
          └──────────────────────────────┬──────────────────────────────────┘
                                         │
          ┌──────────────────────────────▼──────────────────────────────────┐
          │                  INDUSTRIAL DMZ · 102 assets                    │
          │   ▲ ▲ ▲ ▲   firepower · panorama · vpn · jump-box   ▲ ▲ ▲       │
          └──────────────────────────────┬──────────────────────────────────┘
                                         │
                       ╔═════════════════▼══════════════════╗
                       ║      OT ZONES · 630 assets         ║
                       ║   ◆ PTC-Wayside     · 188 (CCS)    ║
                       ║   ◆ Locomotive      ·  94 (CCS)    ║
                       ║   ◆ CTC             ·  42 (CCS)    ║
                       ║   ◆ Substation      · 116 (CCS)    ║
                       ║   ◆ Yard-Control    ·  68          ║
                       ║   ◆ Process-Floor   · 122          ║
▸ Agent Activity Stream LIVE · 2.5s tick
14:32:07ot_safety_offVETO · CVE-2024-37079 on mcr-ruggedcom-east-014 · proposing 3 compensating controlsCRIT
14:32:06scanner_liaiINGEST · 12 new findings from Qualys · normalizedOK
14:32:05verifierVERIFY_PASS · CVE-2023-22515 on mcr-mw-eng-0042 · rescan cleanCLOSED
14:32:04executorSCCM push complete · KB-5052041 on 17 corp-exchange hostsOK
14:32:03complianceEVIDENCE · 3 units emitted · NIST CSF RS.MI-01 · TSA §3.D · IEC 62443-2-3EVID
14:32:02threat_intelENRICH · KEV=true EPSS=0.84 ransomware-associated=true on CVE-2024-3400KEV
14:32:01patch_hunterFIX · Palo Alto PAN-OS 11.1.3 → 11.1.4 · reliability 0.91OK
14:32:00impact_analyIMPACT · 45 PAN-OS firewalls affected · 12 internet-facingHIGH
14:31:59change_riskRISK · score 0.18 · canary peer present · window opens 02:00OK
14:31:58plannerPLAN · 6-step Panorama push · rollback validated · single-approval requiredPLANNED
14:31:57supervisorORCHESTRATE · trace 01HF9N3K7Z · CVE-2024-3400 routed to enrichment chainOK
14:31:56ot_safety_offVETO · CVE-2022-26143 on mcr-ruggedcom-west-021 · schedule for next windowCRIT
14:31:55inventory_inSWEEP · 2087 recommendations across 4310 assets · 91 criticalOK
▸ Priority Alerts
CVE-2024-37079
VMware vCenter · 24 hosts · CCS
Authentication bypass. KEV-listed. Ransomware operators actively exploiting. DUE 2024-08-20
CVE-2024-3400
Palo Alto PAN-OS · 45 firewalls
GlobalProtect command injection. Live exploitation confirmed.
CVE-2023-22515
Atlassian Confluence · 8 instances
Broken access control. Ransomware-associated. Patches available.
CVE-2022-26143
Siemens RUGGEDCOM · 23 OT (CCS)
SSH auth bypass. OT veto applied · compensating controls in place. Next window: 2026-06-04.
CVE-2021-44228
Apache log4j · 8 middleware
Log4Shell. The classic. Still appearing in inventory sweeps.
▸ CVE TICKER · CISA KEV LIVE
CVE-2024-37079 VMware vCenter KEV · 24 assets CVE-2024-3400 PAN-OS GlobalProtect KEV · 45 firewalls CVE-2023-22515 Confluence KEV · 8 assets CVE-2021-44228 log4j KEV · 8 hosts CVE-2022-26134 Confluence RCE KEV · 6 assets CVE-2024-21887 Ivanti Connect KEV · 3 vpn CVE-2023-46805 Ivanti auth bypass KEV CVE-2024-1709 ConnectWise KEV CVE-2023-42793 JetBrains TeamCity KEV CVE-2024-23897 Jenkins path traversal KEV CVE-2022-22965 Spring4Shell KEV CVE-2024-27198 TeamCity auth bypass KEV CVE-2024-21412 Windows SmartScreen KEV CVE-2023-36884 Microsoft Office KEV CVE-2024-37079 VMware vCenter KEV · 24 assets CVE-2024-3400 PAN-OS GlobalProtect KEV · 45 firewalls CVE-2023-22515 Confluence KEV · 8 assets CVE-2021-44228 log4j KEV · 8 hosts CVE-2022-26134 Confluence RCE KEV · 6 assets CVE-2024-21887 Ivanti Connect KEV CVE-2023-46805 Ivanti auth bypass KEV CVE-2024-1709 ConnectWise KEV CVE-2023-42793 JetBrains TeamCity KEV CVE-2024-23897 Jenkins path traversal KEV CVE-2022-22965 Spring4Shell KEV CVE-2024-27198 TeamCity auth bypass KEV CVE-2024-21412 Windows SmartScreen KEV CVE-2023-36884 Microsoft Office KEV
01 · MISSION CTRL 02 · WORKSPACE 03 · LIGHTNING 04 · STUDIO 05 · BRIDGE ← back