Machine Learning Improves Prediction of Exploited Vulnerabilities

Researchers behind a public effort to predict which vulnerabilities will be exploited have announced a new machine-learning model that improves the system's predictive performance by 82%, a significant boost. Organizations can query the model, which goes live on March 7, via an API to identify the highest-scoring software flaws at any moment in time.

The third version of the Exploit Prediction Scoring System (EPSS) uses more than 1,400 features, such as the age of the vulnerability, whether it is remotely exploitable, and whether a specific vendor is affected, to predict which software issues will be exploited in the next 30 days. Security teams that prioritize remediation by EPSS score could cut their remediation workload to roughly an eighth of the effort required when prioritizing by the latest version of the Common Vulnerability Scoring System (CVSS), according to a paper on EPSS version 3 published on arXiv last week.

EPSS can be used as a tool to reduce workloads on security teams while enabling companies to remediate the vulnerabilities that represent the most risk, says Jay Jacobs, chief data scientist at Cyentia Institute and first author on the paper.
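The following is an added example of how a security team might consume EPSS scores to rank scanner findings and compare the resulting queue against a CVSS-threshold policy. It is not code from the EPSS project, the paper's authors, or this article. It assumes the EPSS API endpoint https://api.first.org/data/v1/epss and its JSON response shape (a `status` field and a `data` list of rows with `cve`, `epss`, `percentile` and `date`), neither of which the article states; the findings, scores and CVE identifiers below are constructed placeholders, not real vulnerabilities, and the thresholds are illustrative.

```python
"""Rank scanner findings by EPSS score and compare the remediation queue
against a CVSS-threshold policy.

Added example, not code from the EPSS project or the article's authors.
Assumptions not on the page: the EPSS API lives at
https://api.first.org/data/v1/epss and answers with JSON of the form
{"status": "OK", "data": [{"cve": ..., "epss": "0.12", "percentile": ..., "date": ...}]}.
All CVE IDs and scores below are constructed placeholders, not real vulnerabilities.
"""
import json
import urllib.request
from typing import Dict, List, NamedTuple, Optional

# Constructed EPSS API response: the real feed's shape with synthetic values.
SAMPLE_EPSS_RESPONSE = json.dumps({
    "status": "OK",
    "data": [
        {"cve": "CVE-2099-0001", "epss": "0.95000", "percentile": "0.99", "date": "2023-03-07"},
        {"cve": "CVE-2099-0002", "epss": "0.02000", "percentile": "0.60", "date": "2023-03-07"},
        {"cve": "CVE-2099-0003", "epss": "0.60000", "percentile": "0.97", "date": "2023-03-07"},
        {"cve": "CVE-2099-0004", "epss": "0.01000", "percentile": "0.45", "date": "2023-03-07"},
        {"cve": "CVE-2099-0005", "epss": "0.40000", "percentile": "0.95", "date": "2023-03-07"},
        {"cve": "CVE-2099-0006", "epss": "0.00500", "percentile": "0.20", "date": "2023-03-07"},
        {"cve": "CVE-2099-0007", "epss": "0.03000", "percentile": "0.70", "date": "2023-03-07"},
    ],
})

# Constructed scanner export: CVE -> CVSS base score. CVE-2099-0008 deliberately
# has no EPSS row, to show how an unscored finding is handled.
SAMPLE_FINDINGS: Dict[str, float] = {
    "CVE-2099-0001": 9.8, "CVE-2099-0002": 9.1, "CVE-2099-0003": 7.5,
    "CVE-2099-0004": 7.2, "CVE-2099-0005": 5.3, "CVE-2099-0006": 4.0,
    "CVE-2099-0007": 8.8, "CVE-2099-0008": 6.5,
}


class Finding(NamedTuple):
    cve: str
    cvss: float
    epss: Optional[float]  # None when the EPSS feed has no row for this CVE


def parse_epss(raw_json: str) -> Dict[str, float]:
    """Map CVE -> EPSS probability (0..1) from an API response body."""
    doc = json.loads(raw_json)
    if doc.get("status") != "OK":
        raise ValueError(f"EPSS API returned status {doc.get('status')!r}")
    return {row["cve"]: float(row["epss"]) for row in doc.get("data", [])}


def fetch_epss(cves: List[str], timeout: float = 10.0) -> Dict[str, float]:
    """Live lookup against the assumed endpoint (not exercised offline).
    Batches all CVEs into one comma-separated query; the API paginates large
    result sets, so split very long lists before calling this."""
    url = "https://api.first.org/data/v1/epss?cve=" + ",".join(cves)
    with urllib.request.urlopen(url, timeout=timeout) as resp:
        return parse_epss(resp.read().decode("utf-8"))


def prioritize(findings: Dict[str, float], epss_scores: Dict[str, float]) -> List[Finding]:
    """Order findings by EPSS, highest first, breaking ties on CVSS.
    Unscored CVEs sort last rather than being dropped, so they still get a manual look."""
    rows = [Finding(cve, cvss, epss_scores.get(cve)) for cve, cvss in findings.items()]
    return sorted(rows, key=lambda f: (f.epss if f.epss is not None else -1.0, f.cvss), reverse=True)


def compare_workload(findings: Dict[str, float], epss_scores: Dict[str, float],
                     cvss_threshold: float = 7.0, epss_threshold: float = 0.1) -> Dict[str, int]:
    """Count how many findings each policy would queue for remediation.
    The thresholds are illustrative assumptions, not values from the paper."""
    by_cvss = sum(1 for score in findings.values() if score >= cvss_threshold)
    by_epss = sum(1 for cve in findings if epss_scores.get(cve, 0.0) >= epss_threshold)
    return {"cvss": by_cvss, "epss": by_epss}


if __name__ == "__main__":
    scores = parse_epss(SAMPLE_EPSS_RESPONSE)
    for f in prioritize(SAMPLE_FINDINGS, scores):
        print(f"{f.cve}  cvss={f.cvss:<4}  epss={'n/a' if f.epss is None else f.epss}")
    print(compare_workload(SAMPLE_FINDINGS, scores))
```

On the constructed data, a CVSS >= 7.0 rule queues five findings while an EPSS >= 0.1 rule queues three, and two of the CVSS 9.x findings fall near the bottom of the EPSS ranking. EPSS estimates the likelihood of exploitation in the wild, not the impact on a particular environment, so in practice the score is combined with asset exposure and criticality rather than used alone, and a CVE absent from the feed should be reviewed, not silently deprioritized.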