EPSS (Exploit Prediction Scoring System)
• Open-source project led by RAND and Cyentia
• Machine learning system designed to predict the likelihood of a given vulnerability being exploited
• Explicitly trying to provide better intelligence than the Common Vulnerability Scoring System (CVSS)
• Training inputs: past observations of CVE exploitation
• Fortinet, Cisco, Greynoise, F5!
• Runtime inputs: >1500 vulnerability features
• E.g. exploit code available, RCE, CPE, CVSS vectors
• Model: XGBoost (ensemble of decision trees with gradient boosting)
https://www.first.org/epss/ for general information
https://www.first.org/epss/api for API documentation
More details on webinar : "Vulnerability Intelligence, Three Ways"
https://www.csoonline.com/article/3680570/epss-explained-how-does-it-compare-to-cvss.html
Kyaw Myo Oo
Manager , CB BANK PCL
CCIE #58769 | PCNSE | CCSM | CISSP | PMP