Exploit Prediction Scoring System (EPSS)


The Exploit Prediction Scoring System (EPSS) is an open, data-driven effort for predicting when software vulnerabilities will be exploited. The goal of this effort is to assist network defenders in better prioritizing vulnerability remediation efforts and defending their networks. While other efforts have been useful for capturing innate characteristics of a vulnerability and providing measures of severity, they are limited in their practical ability to assess threat. EPSS fills that gap because it uses current threat information from CVE and real-world exploit data.

Goals & Deliverables

While we have already developed a working model ([version 1.0](https://arxiv.org/abs/1908.04856)), we seek to develop the next version of EPSS with expanded depth and breadth of data, while also improving the overall reliability of data collection in order to provide near-real-time assessments of publicly disclosed vulnerabilities. This requires developing partnerships with potential data providers (e.g. threat intelligence companies, IDS sensor networks, etc.) and establishing a solid infrastructure from which we can provide a publicly accessible interface for EPSS scores.



SIG Members and Contributors