Use EPSS values to further reduce noise

Aikido’s EPSS-based prioritization can further auto-ignore or downgrade low-risk vulnerabilities, based on EPSS values. EPSS, which stands for Exploit Prediction Scoring System, predicts the real-world likelihood a vulnerability will be exploited in the next 30 days.

This feature is only available for Pro and Scale plans.

How to enable EPSS-based Prioritisation

Step 1: Navigate to the EPSS-Based Prioritization settings in the Advanced Settings tab.

Step 2: Click the '⚙️ Manage' button in the EPSS-based prioritisation section

Step 3: Choose which rules you want to have applied in your Aikido workspace

Auto-Ignore issues with an EPSS below 1%.
This will auto-ignore vulnerabilities that have a very low chance of being exploited.
Lower severity with 10 points for EPSS between 1% and 5%.
This lowers the severity of vulnerabilities with 10 points. Example. A high severity issue with score 60 will be downgraded to score 50.
Lower severity with 5 points for EPSS between 5% and 10%.
This lowers the severity of vulnerabilities with 5 points.

Step 6: Click Save EPSS-Based Prioritization to apply your noise-reduction rules.

Manually trigger a rescan to apply the new prioritization immediately, or wait until the next scheduled daily scan for changes to take effect.

Ignoring secrets via code comments

Account Creation for Local Scanning on Aikido