Use EPSS values to further reduce noise

Aikido’s EPSS-based prioritization can automatically ignore or downgrade low-risk vulnerabilities based on their EPSS value. EPSS, the Exploit Prediction Scoring System, estimates the real-world likelihood that a vulnerability will be exploited in the next 30 days.

This feature is only available for Pro and Scale plans.

Important notes

  • We check EPSS on a daily basis. When a value crosses a threshold, the issue is either ignored or unignored accordingly.

  • EPSS is available everywhere in Aikido: in your IDE, in PR gating in your CI, and in the feed.

How to enable EPSS-based Prioritization

Step 1: Navigate to the EPSS-Based Prioritization settings in the Advanced Settings tab.

Step 2: Click the '⚙️ Manage' button in the EPSS-based prioritization section.

[Screenshot: scan frequency and advanced scan configuration settings in the security monitoring dashboard.]

Step 3: Choose which rules you want applied in your Aikido workspace.

  • Auto-ignore issues with an EPSS below 1%. This auto-ignores vulnerabilities that have a very low chance of being exploited.

  • Lower severity by 10 points for EPSS between 1% and 5%. This lowers the severity score of matching vulnerabilities by 10 points. For example, a high-severity issue with score 60 is downgraded to score 50.

  • Lower severity by 5 points for EPSS between 5% and 10%. This lowers the severity score of matching vulnerabilities by 5 points.

[Screenshot: EPSS-based vulnerability prioritization options for automated issue ignoring and severity adjustment.]

Step 4: Click Save EPSS-Based Prioritization to apply your noise-reduction rules.

Manually trigger a rescan to apply the new prioritization immediately, or wait until the next scheduled daily scan for changes to take effect.
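To make the three rules and the daily ignore/unignore behaviour concrete, here is a small model of the logic as an added example; it is not Aikido's own code. It assumes each EPSS band includes its lower bound and excludes its upper bound, and uses constructed sample issues.

```python
from dataclasses import dataclass

# Thresholds stated on the page. Assumption: each band includes its lower bound
# and excludes its upper bound, so an EPSS of exactly 1% falls in the 1%-5% band.
IGNORE_BELOW = 0.01
TEN_POINT_BAND_END = 0.05
FIVE_POINT_BAND_END = 0.10

# The rules a workspace can switch on (names are this example's own).
ALL_RULES = frozenset({"auto_ignore", "lower_10", "lower_5"})

@dataclass
class Issue:
    issue_id: str
    base_score: int     # severity score before EPSS adjustment (0-100)
    epss: float         # EPSS probability as a fraction, e.g. 0.03 for 3%
    ignored: bool = False

def adjust_score(base_score: int, epss: float, rules=ALL_RULES) -> int:
    """Return the severity score after the enabled lowering rules are applied."""
    if "lower_10" in rules and IGNORE_BELOW <= epss < TEN_POINT_BAND_END:
        return max(base_score - 10, 0)
    if "lower_5" in rules and TEN_POINT_BAND_END <= epss < FIVE_POINT_BAND_END:
        return max(base_score - 5, 0)
    return base_score

def daily_check(issues, fresh_epss, rules=ALL_RULES):
    """Model the daily run: refresh each issue's EPSS, then flip its ignored
    state when the value crosses the 1% threshold. Returns (issue_id, action)."""
    changes = []
    for issue in issues:
        issue.epss = fresh_epss.get(issue.issue_id, issue.epss)
        should_ignore = "auto_ignore" in rules and issue.epss < IGNORE_BELOW
        if should_ignore != issue.ignored:
            issue.ignored = should_ignore
            changes.append((issue.issue_id, "ignored" if should_ignore else "unignored"))
    return changes

# Constructed sample issues, not real findings.
SAMPLE = [
    Issue("A", base_score=60, epss=0.03),   # the page's example: 60 -> 50
    Issue("B", base_score=80, epss=0.07),   # 5%-10% band: 80 -> 75
    Issue("C", base_score=40, epss=0.004),  # below 1%: auto-ignored
]

if __name__ == "__main__":
    print(daily_check(SAMPLE, {}))                       # [('C', 'ignored')]
    for i in SAMPLE:
        print(i.issue_id, adjust_score(i.base_score, i.epss), i.ignored)
    # Next day: C's EPSS rises above 1% and A's drops below it.
    print(daily_check(SAMPLE, {"C": 0.02, "A": 0.005}))  # A ignored, C unignored
```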
