| AppSoc |
Risk-Based Application Security Posture Management |
https://www.appsoc.com/ |
| Aqua Security |
Aqua Workload Protection |
https://support.aquasec.com/support/solutions/articles/16000166626-2023-september-saas-update-release%23EPSS-(Exploit-Prediction-Scorin |
| Armis |
Armis Asset Vulnerability Management module |
https://www.armis.com/integrations/exploit-prediction-scoring-system-epss/ |
| Armo Security |
Armo Kubernetes Security |
https://hub.armosec.io/docs/vulnerabilities-workloads |
| Armorcode |
Risk-Based Vulnerability Management |
https://www.armorcode.com/blog/epss-and-risk-based-vulnerability-prioritization |
| Avalor |
Avalor Security Data Fabric |
https://www.avalor.io/integrations |
| AWS |
Inspector |
https://aws.amazon.com/about-aws/whats-new/2023/07/amazon-inspector-vulnerability-intelligence-findings/ |
| Axonius |
Vulnerability Management Module |
https://docs.axonius.com/docs/vulnerabilities |
| Backlash |
Reachability SAST/SCA |
www.backslash.security |
| Binarly |
Transparency Platform |
https://binarly.io/capabilities |
| Bomber |
Bomber |
https://github.com/devops-kung-fu/bomber |
| Brinqa |
Cyber Risk Platform |
https://www.brinqa.com/glossary/what-is-epss-score/ |
| Boost Security |
DevSecOps Platform |
https://docs.boostsecurity.io/user-guide/new_release.html#2023-03-09 |
| Cavelo |
Attack Surface Management |
https://www.cavelo.com |
| cvefeed.io |
Vulnerability Intelligence |
https://cvefeed.io |
| Cisco |
Kenna Security |
https://www.helpnetsecurity.com/2019/11/04/kenna-security-exploit-prediction-scoring-system/ |
| Clavis |
Risk-Based Vulnerability Priorization |
https://produto.clavis.com.br/material-bart-gerenciamento-de-vulnerabilidade-baselines-analises-de-risco-testes-de-seguranca/ |
| Cytidel |
vulnerability and risk management platform |
https://www.cytidel.com/ |
| Claroty |
vulnerability and Risk Management |
https://claroty.com/press-releases/claroty-unveils-new-vulnerability-risk-management-capabilities-to-supercharge-risk-reduction-for-cyber-physical-systems |
| Coalition |
Coalition Exploit Scoring System |
https://ess.coalitioninc.com/ |
| ConnectSecure |
ConnectSecure Vulnerability Management |
https://connectsecure.com/news/product-update-epss-empowers-msps-to-tackle-high-risk-vulnerabilities |
| Cowbell |
Cowbell Insurance |
https://cowbell.insure/ |
| Culinda |
Culinda Cloud Security |
https://www.culinda.io/ |
| CTM360 |
Threat Cover |
https://www.ctm360.com/ |
| Cybeats |
SBOM Studio |
https://www.cybeats.com/sbom-studio |
| CybelAngel |
Asset Discovery & Monitoring |
https://cybelangel.com/asset-discovery-and-monitoring/ |
| Cyberwatch |
Cyberwatch Vulnerability Management |
https://cyberwatch.fr/veille/epss-quest-ce-que-lexploit-prediction-scoring-system/ |
| Cyscale |
Cloud Security Platform |
https://cyscale.com/blog/security-scoring-cvss4-vs-cvss3-need-to-know/ |
| Datadog |
Application Vulnerability Management |
https://www.datadoghq.com/product/application-vulnerability-management/ |
| Dazz |
Dazz Unified Remediation Platform |
https://www.dazz.io/platform |
| Deepfactor |
Application Security Platform |
https://www.deepfactor.io/deepfactor-3-5-includes-enhanced-vulnerability-prioritization-with-epss-support-and-reachability-analysis-for-golang/ |
| Denexus |
OT Cyber Risk Quantification |
https://www.denexus.io/products/derisk/industrial |
| DevOcean |
Low-Touch Remediation Platform |
https://www.devocean.security/blog/epss-everything-you-need-to-know |
| Docker Scout |
Solution for proactively enhancing your software supply chain security |
https://www.docker.com/products/docker-scout/ |
| EdgeBit |
EdgeBit Security Platform |
https://edgebit.io/docs/0.x/investigate-epss/ |
| Edgescan |
Risk-Based Vulnerability Management Solution |
https://www.edgescan.com/solutions/vulnerability-management/ |
| Endor Labs |
Endor Labs |
https://www.endorlabs.com/blog/cve-vulnerability-epss-ssvc-reachability-vex |
| FOSSA |
The Modern Open Source Risk Platform |
https://fossa.com/blog/understanding-using-epss-scoring-system/ |
| Flashpoint |
Flashpoint VulnDB |
https://flashpoint.io/resources/datasheets/vulndb-ransomware-and-exploit-prediction-model/ |
| Fleet |
Open-source device management |
https://fleetdm.com/upgrade |
| ForeScout |
Risk and Exposure Management |
https://www.forescout.com/products/rem/ |
| Fortinet |
Forinet DAST |
https://docs.fortinet.com/document/fortidast/23.3.0/user-guide/476620/vulnerabilities |
| FortMesa |
Riskchain VM |
https://land.fortmesa.com/vulnerability-management-101 |
| Finit Estate |
Finite State Platform |
https://finitestate.io/products/finite-state-platform/ |
| HackerOne |
CVE Discovery |
https://hackerone.com/hacktivity/cve_discovery |
| Hackuity |
Risk-Based Vulnerability Management |
https://www.hackuity.io/ |
| IBM Security |
|
| Kodem |
Kodem Security |
https://www.kodemsecurity.com/ |
| Kondukto |
Kondukto ASPM Platform |
https://kondukto.io/ |
| Legit Security |
Legit Supply Chain Security |
https://www.legitsecurity.com/ |
| Luna Sec |
Luna Sec |
https://www.lunasec.io/docs/blog/what-is-epss/ |
| Manifest |
Manifest |
https://www.manifestcyber.com/blog/introducing-manifest |
| Mandiant |
Mandiant Vulnerability Intelligence |
https://www.mandiant.com/resources/blog/enhanced-vulnerability-intelligence |
| Mend.io |
Mend |
https://docs.mend.io/bundle/sca_user_guide/page/view_epss_scores_for_container_images.html |
| Morphisec |
Morphisec Vulnerability Management |
https://blog.morphisec.com/morphisec-next-gen-risk-based-vulnerability-prioritization |
| Netrise |
Netrise Platform |
https://www.netrise.io/xiot-security-blog/sbom-ingest |
| Noetic |
Noetic Platform |
https://noeticcyber.com/risk-driven-vulnerability-prioritization/ |
| Nucleus Security |
Nucleus Unified Vulnerability Management |
https://nucleussec.com/blog/what-is-epss/ |
| NTT DATA |
YaVS / SecDB Portal |
https://secdb.nttzen.cloud |
| Oligo |
Dynamic SCA |
https://www.oligo.security/ |
| Opswright |
Opswright Impact Platform |
https://opswright.com/ |
| Orca |
Cloud Security Platform |
https://orca.security/resources/blog/epss-scoring-system-explained/ |
| Oryx Labs |
Attack Surface Management |
https://oryxlabs.ae/ |
| OWASP |
Dependency Track |
https://owasp.org/www-project/dependency-track |
| Palo Alto Network |
Xpanse |
https://www.paloaltonetworks.com/blog/security-operations/enable-proactive-incident-response-with-adaptive-risk-scoring/ |
| Phoenix Security |
Act on Phoenix |
https://phoenix.security/new-features-november-2022/ |
| Precursor |
Penetration Testing and Continuous Security Testing Services |
https://www.precursorsecurity.com/ |
| Qualys |
TruRisk |
https://blog.qualys.com/qualys-insights/2022/10/10/in-depth-look-into-data-driven-science-behind-qualys-trurisk |
| Rezilion |
Rezilion |
https://www.rezilion.com/blog/introducing-our-new-software-supply-chain-security-features/ |
| SecLogic |
CyberQ Shield |
https://seclogic.io/ |
| SecOps Solution |
Full-Stack Vulnerability and Patch Management Platform |
https://secopsolution.com/epss-calculator |
| Securin |
Vulnerability Intelligence |
https://www.securin.io/vulnerability-intelligence/ |
| SecurityScorecard |
CVE Details |
https://www.cvedetails.com/epss/epss-score-history.html |
| Seemplicity |
Seemplicity |
https://seemplicity.io/different-approaches-for-vulnerability-prioritization/ |
| ServiceNow |
ServiceNow Vulnerability Response |
https://docs.servicenow.com/bundle/vancouver-security-management/page/product/secops-integration-vr/epss/concept/epss-vr-integration-overview.html |
| Shield Cyber |
Attacker-centric Exposure Management |
https://www.shieldcyber.io/ |
| Shodan |
CVEDB API |
https://cvedb.shodan.io/ |
| SideChannel |
Enclave |
https://sidechannel.com/blog/enhance-your-security-measures-with-effective-epss-and-exposure-management/ |
| Skybox |
Vulnerability & Threat Management |
https://www.skyboxsecurity.com/products/vulnerability-control/ |
| Snyk |
Security Intelligence |
https://snyk.io/blog/improved-risk-assessment-with-epss-scores-in-snyk/ |
| SOCRadar |
Extended Threat Intelligence |
https://socradar.io/predicting-vulnerability-exploitation-for-proactive-cybersecurity-whats-epss-and-how-can-svrs-enhance-it/ |
| SOOS |
SOOS Security |
https://kb.soos.io/help/exploitable-vulnerabilities |
| SPDX |
The Software Package Data Exchange (SPDX) |
https://spdx.dev/capturing-software-vulnerability-data-in-spdx-3-0/ |
| Stackaware |
AI Risk Management |
https://stackaware.com/ |
| Strobes |
VM365 |
https://help.strobes.co/hc/en-us/articles/13158942134801-Vulnerabilities-Custom-CSV-Export |
| Ultrared |
Ultrared Threat Exposure Management |
https://www.ultrared.ai/blog/epss-and-exposure-management |
| Uptycs |
The first unified CNAPP and XDR platform |
https://www.uptycs.com/products/why-uptycs |
| Veracode |
Veracode SCA |
https://docs.veracode.com/r/Understanding_SCA_exploitability_information |
| Verve |
Verve Security Center |
https://verveindustrial.com/resources/blog/calculated-risk-rating-data-driven-ot-risk-assessment/ |
| Vulcan |
Vulcan Cyber Risk Management Platform |
https://vulcan.io/blog/thinking-of-using-epss-heres-what-you-need-to-know/ |
| VulDB |
Cyber Threat Intelligence |
https://vuldb.com/?kb.epss |
| VulnCheck |
VulnCheck Exploit & Vulnerability Intelligence |
https://vulncheck.com/product/exploit-intelligence |
| Vulners |
Vulners Database |
https://vulners.com/search |
| Wiz |
Wiz Platform |
https://www.wiz.io/ |
| Würth Phoenix |
SATAYO CTI Platform |
https://www.neteye-blog.com/2023/12/epss-implementation-in-satayo/ |
| Yes We Hack |
Bug Bounty & Vulnerability Management Platform |
https://www.yeswehack.com/ |
