FIRST Exploit Prediction Scoring System (EPSS)
The Exploit Prediction Scoring System (EPSS) by the Forum of Incident Response and Security Teams (FIRST) is an open, data-driven effort for estimating the probability of a software vulnerability being exploited. You can bring these findings into Brinqa to construct a unified view of your attack surface.
This document details the information you must provide for the connector to authenticate with FIRST EPSS and how to obtain that information from FIRST EPSS. See create a data integration for step-by-step instructions on setting up the integration.
Required connection settings
When setting up a data integration, select FIRST Exploit Prediction Scoring System from the Connector drop-down. If you cannot find the connector in the drop-down, make sure that you have installed it first. You must provide the following information to integrate FIRST EPSS with Brinqa:
- API URL: The FIRST EPSS API Server URL. The default URL is
https://api.first.org
.
Additional settings
The FIRST EPSS connector contains additional options for specific configuration:
-
Set page size: The maximum number of records to get per API request. The default setting is 1000.
-
Parallel requests: The maximum number of parallel API requests. The default setting is 2.
Types of data to retrieve
The FIRST EPSS connector retrieves the following types of data from the EPSS API:
Table 1: Data retrieved from EPSS
Connector Object | Required | Maps to Data Model |
---|---|---|
EPSS | Yes | CVE record |
The FIRST EPSS connector does not currently support operation options for the types of data it retrieves.
For detailed steps on how to view the data retrieved from FIRST EPSS in the Brinqa Platform, see How to view your data.
APIs
The FIRST EPSS connector uses the EPSS API. Specifically, it uses the following endpoint:
Table 2: EPSS API Endpoint
Connector Object | API Endpoints |
---|---|
EPSS | https://api.first.org/data/v1/epss |
Changelog
The FIRST EPSS connector has undergone the following changes:
3.0.4
- Updated dependencies.
3.0.3
- Upgraded to the latest Connector Framework.
3.0.2
- Updated the UID mappings.
3.0.1
- Changed the EPSS score and percentile to a scale of 0 to 100.
3.0.0
- Initial Integration+ release.