The Exploit Prediction Scoring System (EPSS) is a data-driven effort for predicting when software vulnerabilities will be exploited. The goal of this effort is to assist network defenders in better prioritizing vulnerability remediation efforts and defend their networks. While other efforts have been useful for capturing innate characteristics of a vulnerability, and provide measures of severity, they are limited in their practical ability to assess threat. EPSS fills that gap because it uses...
