Overview
Learn how to leverage the Exploit Prediction Scoring System (EPSS) for enhanced vulnerability management in this DEF CON 32 conference talk. Explore the EPSS model's data-driven approach that combines CVE data with real-world exploit information to predict vulnerability exploitation probabilities. Discover practical implementation strategies for integrating EPSS into CI/CD pipelines and traditional system environments, enabling more effective prioritization of security patches and vulnerability remediation efforts. Gain insights into streamlining security operations by focusing on vulnerabilities with the highest likelihood of exploitation based on current threat intelligence.
Syllabus
DEF CON 32 - Using EPSS for Better Management Vulnerability Management - Jerry Gamblin
Taught by
DEFCONConference