Ranked by the most recent reset (smallest number across any column). Vendors at the top have had the loudest public signal lately — which is a measure of newsworthiness, not of quality.
| Vendor | CVE | Breach | Demo | Lab miss | Launch | Min |
|---|---|---|---|---|---|---|
| Palo Alto Networks | 27d | — | 27d | — | 1d | 1d |
| Microsoft | 46d | — | 1d | 71d | 1d | 1d |
| SentinelOne | — | — | 8d | — | 2d | 2d |
| CrowdStrike | 80d | — | 2d | 71d | 9d | 2d |
| Sophos | — | — | — | 71d | 39d | 39d |
| Fortinet | — | 41d | 46d | — | — | 41d |
| CyberArk | — | — | — | — | 53d | 53d |
| K7 | — | — | — | 71d | — | 71d |
| G Data | — | — | — | 71d | — | 71d |
| Trellix | — | — | — | 71d | — | 71d |
| Cisco | — | — | — | 71d | — | 71d |
| ManageEngine | — | — | — | 71d | — | 71d |
| SenseOn | — | — | — | 71d | — | 71d |
| VIPRE | — | — | — | 71d | — | 71d |
≤ 7 days = fresh reset · ≤ 30 = recent · ≤ 90 = current window · > 90 = cold · — = no event of this type on file. "Min" is the smallest days-since across all five columns — the vendor's last public reset.
The Exposure Clock isn't a score. It's five independent counters, each tracking a different kind of event that resets to zero whenever public signal documents one:
A small number is not bad; a large number is not good. A vendor with a fresh CVE counter is in the news because researchers found something — possibly because they ship a lot of code, possibly because they ship sloppy code. The clock surfaces the timing; the reader brings the judgment.
ColdRecon turns every reset into a daily intelligence brief from the seller's seat — what triggered it, who's affected, what to say in the room. Request clearance and the first lands tomorrow at 0600.
Request Clearance →