CISO2CISO.COM & CYBER SECURITY GROUP

EPSS explained: How does it compare to CVSS?

The Common Vulnerability Scanning System (CVSS) is the most frequently cited rating system to assess the severity of security vulnerabilities. It has been criticized, however, as not being appropriate to assess and prioritize risk from those vulnerabilities. For this reason, some have called for using the Exploit Prediction Scoring System (EPSS) or combining CVSS and EPSS to make vulnerability metrics more actionable and efficient. Like CVSS, EPSS is governed by the Forum of Incident Response and Security Teams (FIRST).

To read this article in full, please click here

Leer másCSO Online

Leave a Reply

Your email address will not be published.