Understanding Exploit Prediction Scoring System (EPSS)

EdgeBit integrates many datasets, including the Exploit Prediction Scoring System (EPSS). This is an AI-based measure of the probability of exploitation in the next 30 days for a given CVE.

EdgeBit EPSS scoring

The biggest drivers of an EPSS score increase are:

  1. widespread exploits being seen in the wild
  2. the inclusion of an exploit in automated tools like Metasploit
  3. the availability of public proof-of-concept code

EPSS Prioritization

EdgeBit uses an exploitability threshold of over 10% to prompt you to take action. These scores are updated daily, so you can expect them to change as conditions change.

It’s also important to understand the percentile of known CVEs that the exploitability score represents. In the examples above, 10.52% may not seem high, but that’s more serious than 94% of public CVEs, and absolutely worth investigating.
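The threshold and percentile reading described above, as an added example (not EdgeBit's code): it joins a component inventory against a score feed and lists the CVEs whose EPSS is over 10%, highest first. The feed layout (a `#` metadata line, then `cve,epss,percentile` as fractions), the component names and the CVE ids are constructed assumptions.

```python
import csv
import io

THRESHOLD = 0.10  # the page's "over 10%" action threshold, as a fraction

# Constructed sample in the assumed feed layout: one '#' metadata line,
# then cve,epss,percentile with values as fractions in [0, 1].
SAMPLE_FEED = """#model_version:example,score_date:2000-01-01
cve,epss,percentile
CVE-0000-0001,0.10520,0.94000
CVE-0000-0002,0.00043,0.08000
CVE-0000-0003,0.97100,0.99900
CVE-0000-0004,0.10000,0.93500
"""

# Constructed inventory: component -> CVE ids reported against it.
SAMPLE_INVENTORY = {
    "libexample 1.2.3": ["CVE-0000-0001", "CVE-0000-0002"],
    "webframework 4.0": ["CVE-0000-0003", "CVE-0000-0004"],
    "tinyutil 0.9": ["CVE-0000-0099"],  # not in the feed: no score yet
}


def load_scores(feed_text):
    """Parse the feed into {cve: (epss, percentile)}, skipping '#' lines."""
    rows = (line for line in io.StringIO(feed_text) if not line.startswith("#"))
    scores = {}
    for row in csv.DictReader(rows):
        scores[row["cve"]] = (float(row["epss"]), float(row["percentile"]))
    return scores


def prioritize(inventory, scores, threshold=THRESHOLD):
    """Return (component, cve, epss, percentile) strictly over threshold,
    highest exploitation probability first. Unscored CVEs are skipped."""
    hits = []
    for component, cves in inventory.items():
        for cve in cves:
            if cve not in scores:
                continue
            epss, pct = scores[cve]
            if epss > threshold:
                hits.append((component, cve, epss, pct))
    return sorted(hits, key=lambda h: h[2], reverse=True)


if __name__ == "__main__":
    for component, cve, epss, pct in prioritize(SAMPLE_INVENTORY, load_scores(SAMPLE_FEED)):
        print(f"{component}: {cve} EPSS {epss:.2%}, above {pct:.0%} of scored CVEs")
```

Because the scores change daily, a list like this is only valid for the feed date it was built from and should be regenerated on each update.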

Overall Inventory & Per-Component

EdgeBit displays EPSS data for an entire project on the Overview and on a per-Component basis on the Vulnerabilities tab. Items that are prioritized for your investigation link directly to the Component Issue they correspond to, with all of the production usage context available to you.