How To Use EPSS (Exploit Prediction Scoring System)

Effective prioritization of vulnerabilities is critical to staying ahead of the next threat, especially when the average enterprise has millions of vulnerabilities. Since most vulnerabilities do not have observed exploits in the wild, organizations need an accurate system to understand the probability of a given vulnerability being exploited.

EPSS is the first open, data-driven framework for assessing vulnerability threat: that is, the probability that a vulnerability will be exploited within the first twelve months after public disclosure. This scoring system has been designed to be simple enough to implement without specialized tools or software, and flexible enough that it can be updated as more, and better, data becomes available.

In this webinar, Kenna Security’s own Chief Data Scientist, Michael Roytman will discuss:

  • exactly what EPSS is,

  • why it outperforms CVSS on every metric,

  • tips and tricks on how to best implement it,

  • and much more!

Tune in to find out how your organization can use this open model to effectively prioritize your highest-risk vulnerabilities and stay ahead of attackers.