Use EPSS values to further reduce noise
Aikido’s EPSS-based prioritization can auto-ignore or downgrade low-risk vulnerabilities based on their EPSS values. EPSS, which stands for Exploit Prediction Scoring System, predicts the real-world likelihood that a vulnerability will be exploited in the next 30 days.
This feature is only available for Pro and Scale plans.
How to enable EPSS-based Prioritisation
Step 1: Navigate to the EPSS-Based Prioritization settings in the Advanced Settings tab.
Step 2: Click the '⚙️ Manage' button in the EPSS-based prioritisation section.
Step 3: Choose which rules you want to have applied in your Aikido workspace:
Auto-Ignore issues with an EPSS below 1%.
This will auto-ignore vulnerabilities that have a very low chance of being exploited.
Lower severity with 10 points for EPSS between 1% and 5%.
This lowers the severity of vulnerabilities by 10 points. Example: a high severity issue with a score of 60 will be downgraded to a score of 50.
Lower severity with 5 points for EPSS between 5% and 10%.
This lowers the severity of vulnerabilities by 5 points.
Step 6: Click Save EPSS-Based Prioritization to apply your noise-reduction rules.
Manually trigger a rescan to apply the new prioritization immediately, or wait until the next scheduled daily scan for changes to take effect.
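To estimate what the rules above would do to a backlog before enabling them, the following added example (not Aikido's code) applies the three Step 3 rules to a constructed list of findings. The class, function and finding names are hypothetical; it assumes the bands are half-open ([1%, 5%) and [5%, 10%)), that scores never drop below 0, and that findings without an EPSS value are left untouched, none of which the page specifies.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class EpssRules:
    """Toggles for the three rules chosen in Step 3 (hypothetical names)."""
    auto_ignore_below_1pct: bool = True
    lower_10_between_1_and_5pct: bool = True
    lower_5_between_5_and_10pct: bool = True

def apply_epss_rules(score: int, epss: Optional[float], rules: EpssRules = EpssRules()):
    """Return (status, adjusted_score) for one finding.

    epss is a probability in [0, 1], or None when no EPSS value exists.
    Assumptions: half-open bands, and adjusted scores are floored at 0.
    """
    if epss is None:
        return ("open", score)  # no EPSS data: leave the finding untouched
    if not 0.0 <= epss <= 1.0:
        raise ValueError(f"EPSS must be within [0, 1], got {epss!r}")
    if epss < 0.01:
        return ("ignored" if rules.auto_ignore_below_1pct else "open", score)
    if epss < 0.05 and rules.lower_10_between_1_and_5pct:
        return ("open", max(0, score - 10))
    if 0.05 <= epss < 0.10 and rules.lower_5_between_5_and_10pct:
        return ("open", max(0, score - 5))
    return ("open", score)  # EPSS of 10% or more, or the matching rule is off

def preview(findings, rules: EpssRules = EpssRules()):
    """Apply the rules to (id, score, epss) tuples; return (results, summary)."""
    summary = {"ignored": 0, "downgraded": 0, "unchanged": 0}
    results = []
    for finding_id, score, epss in findings:
        status, new_score = apply_epss_rules(score, epss, rules)
        if status == "ignored":
            summary["ignored"] += 1
        elif new_score < score:
            summary["downgraded"] += 1
        else:
            summary["unchanged"] += 1
        results.append((finding_id, status, score, new_score))
    return results, summary

# Constructed sample findings: (id, severity score, EPSS probability or None).
SAMPLE = [("finding-a", 60, 0.03), ("finding-b", 60, 0.07),
          ("finding-c", 85, 0.004), ("finding-d", 92, 0.61), ("finding-e", 40, None)]

if __name__ == "__main__":
    for row in preview(SAMPLE)[0]:
        print(row)
```

In this sample, finding-c would be auto-ignored despite its score of 85, which is the kind of case worth reviewing before turning on the first rule.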