FIRST Exploit Prediction Scoring System (EPSS)

This article describes the Intelligence Card Extension for FIRST EPSS.



About FIRST and EPSS

FIRST is the Forum of Incident Response and Security Teams. Since 1990, when FIRST was founded, its members have resolved an almost continuous stream of security-related attacks and incidents, including handling thousands of security vulnerabilities affecting nearly all of the millions of computer systems and networks throughout the world connected by the ever-growing Internet. More information is available at https://www.first.org/about/.

The Exploit Prediction Scoring System (EPSS) is an open, data-driven effort for estimating the likelihood (probability) that a software vulnerability will be exploited in the wild.  The EPSS model produces a probability score between 0 and 1 (0% and 100%). The higher the score, the greater the probability that a vulnerability will be exploited (in the next 30 days).  Please see https://www.first.org/epss/ for more information.

This extension is freely available for any Threat Intelligence, SecOps, or Vulnerability Intelligence module clients to use. Please also see the Getting Started With Intelligence Card Extensions page if you're interested in enabling this extension.


Extending Vulnerability Intelligence Cards

This extension shows the EPSS score for a given vulnerability as a percentage: the score is technically a value from 0-1, and the extension displays it from 0.0-100.0. In addition, we show the Percentile of the current score, which is the proportion of all scored vulnerabilities with the same or a lower EPSS score.

Example (for CVE-2010-2568):

[Screenshot of the extension on the CVE-2010-2568 Intelligence Card: mceclip0.png]
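The score-to-percentage conversion and the percentile definition above, worked through in Python as an added example (not code from Recorded Future or FIRST). The CVE ids and scores are constructed placeholders, and the one-decimal rounding is an assumption about how the card displays values.

```python
from bisect import bisect_right

# Constructed sample: placeholder CVE ids mapped to EPSS probabilities (0-1).
# These are not real EPSS scores.
SAMPLE_SCORES = {
    "CVE-0000-0001": 0.00043,
    "CVE-0000-0002": 0.00043,
    "CVE-0000-0003": 0.00110,
    "CVE-0000-0004": 0.00250,
    "CVE-0000-0005": 0.00890,
    "CVE-0000-0006": 0.02100,
    "CVE-0000-0007": 0.09700,
    "CVE-0000-0008": 0.97300,
}


def validate(scores):
    """Reject anything that is not a probability before it reaches a card."""
    for cve, p in scores.items():
        if not isinstance(p, float) or not 0.0 <= p <= 1.0:
            raise ValueError(f"{cve}: EPSS score {p!r} is outside 0-1")


def percentile_of(score, ordered):
    """Proportion of scored vulnerabilities with the same or a lower score.

    bisect_right counts every entry <= score, so tied scores share one
    percentile instead of being ranked arbitrarily.
    """
    return bisect_right(ordered, score) / len(ordered)


def card_rows(scores):
    """Return {cve: (score_percent, percentile_percent)} for display."""
    validate(scores)
    ordered = sorted(scores.values())
    return {
        cve: (round(p * 100, 1), round(percentile_of(p, ordered) * 100, 1))
        for cve, p in scores.items()
    }


if __name__ == "__main__":
    for cve, (score, pct) in card_rows(SAMPLE_SCORES).items():
        print(f"{cve}  EPSS {score:5.1f}%  percentile {pct:5.1f}%")
```

In this sample a 9.7% score already sits at the 87.5th percentile, which is why the two numbers are read together: the percentile ranks a vulnerability against all other scored vulnerabilities, while the score is the exploitation probability itself.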


This content is confidential. Do not distribute or download content in a manner that violates your Recorded Future license agreement. Sharing this content outside of licensed Recorded Future users constitutes a breach of the terms and/or agreement and shall be considered a breach by your organization.