Aikido’s EPSS-based prioritization can further auto-ignore or downgrade low-risk vulnerabilities, based on EPSS values. EPSS, which stands for Exploit Prediction Scoring System, predicts the real-world likelihood a vulnerability will be exploited in the next 30 days.
Important notes
We check EPSS on a daily basis. When the value crosses a threshold, an issue will either be ignored or unignored.
EPSS is available everywhere in Aikido: from your IDE, to PR gating in your CI, to the feed.
When you disable EPSS scoring again, all issues that were previously ignored will be unignored.
How to enable EPSS-based Prioritisation
Step 1: Navigate to the EPSS-Based Prioritization settings in the Advanced Settings tab.
Step 2: Click the '⚙️ Manage' button in the EPSS-based prioritisation section.
Settings for scan frequency and advanced scan configuration in a security monitoring dashboard.
Step 3: Choose which rules you want to have applied in your Aikido workspace.
Auto-ignore issues with an EPSS below 1%. This will auto-ignore vulnerabilities that have a very low chance of being exploited.
Lower severity by 10 points for EPSS between 1% and 5%. This lowers the severity score of matching vulnerabilities by 10 points. For example, a high-severity issue with score 60 will be downgraded to score 50.
Lower severity by 5 points for EPSS between 5% and 10%. This lowers the severity score of matching vulnerabilities by 5 points.
EPSS-based vulnerability prioritization options for automated issue ignoring and severity adjustment.
Step 6: Click Save EPSS-Based Prioritization to apply your noise-reduction rules.
Manually trigger a rescan to apply the new prioritization immediately, or wait until the next scheduled daily scan for changes to take effect.
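The three rules above and the daily recheck (ignore, unignore when EPSS rises, unignore everything when the feature is disabled), modelled as an added example that is not Aikido's own code. The rule names, the inclusive/exclusive handling of the 1%, 5% and 10% boundaries, and the sample issues are assumptions.

```python
from dataclasses import dataclass


@dataclass
class EpssRules:
    """The three workspace options; field names are assumed, not Aikido's."""
    enabled: bool = True
    auto_ignore_below_1pct: bool = True
    lower_10_between_1_and_5: bool = True
    lower_5_between_5_and_10: bool = True


@dataclass
class Issue:
    name: str
    base_score: int        # severity score before EPSS adjustment
    epss: float            # EPSS probability as a fraction, 0.0 .. 1.0
    ignored: bool = False  # set/cleared by the daily EPSS check


def adjusted_score(issue: Issue, rules: EpssRules) -> int:
    """Severity score after the downgrade rules; the two bands do not overlap.
    Assumption: lower bound inclusive, upper bound exclusive (1% <= EPSS < 5%)."""
    if not rules.enabled:
        return issue.base_score
    score = issue.base_score
    if rules.lower_10_between_1_and_5 and 0.01 <= issue.epss < 0.05:
        score -= 10
    elif rules.lower_5_between_5_and_10 and 0.05 <= issue.epss < 0.10:
        score -= 5
    return max(score, 0)


def daily_check(issues: list[Issue], rules: EpssRules) -> list[tuple[str, bool, bool]]:
    """Re-evaluate every issue against its current EPSS value and flip the
    ignored flag where needed. With rules.enabled == False nothing qualifies,
    so every previously ignored issue is unignored. Returns the transitions
    as (issue name, ignored before, ignored after)."""
    transitions = []
    for issue in issues:
        should_ignore = rules.enabled and rules.auto_ignore_below_1pct and issue.epss < 0.01
        if should_ignore != issue.ignored:
            transitions.append((issue.name, issue.ignored, should_ignore))
            issue.ignored = should_ignore
    return transitions


def sample_issues() -> list[Issue]:
    """Constructed sample data, not real findings."""
    return [
        Issue("vuln-a", 60, 0.03),   # 1% <= EPSS < 5%  -> downgraded by 10
        Issue("vuln-b", 40, 0.005),  # EPSS < 1%        -> auto-ignored
        Issue("vuln-c", 70, 0.07),   # 5% <= EPSS < 10% -> downgraded by 5
        Issue("vuln-d", 90, 0.50),   # high EPSS        -> untouched
    ]
```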