Exploit Prediction Scoring System (EPSS)


EPSS is an open, data-driven standard for predicting when software vulnerabilities will be exploited. The goal of this effort is to assist network defenders in better prioritizing vulnerability remediation efforts and defend their networks. While other efforts like CVSS have been useful for capturing innate characteristics of a vulnerability, and provide a measure of severity, it is limited in its practical ability to assess threat. EPSS, on the other hand, fills that gap because of its ability to use current threat information (based on CVE and exploit data), and provide a current measure of exploit probability for software vulnerabilities.

Goals & Deliverables

While we have already developed a working model, we seek to improve the data collection in order to achieve a stable, repeatable process. This requires seeking partnerships with other data providers (e.g. threat intelligence companies, IDS sensor networks, etc), improving data cleaning techniques, as well as outreach in order to better understand how to integrate EPSS into practitioner decision processes.