The Common Vulnerability Scanning System (CVSS) is the most frequently cited rating system to assess the severity of security vulnerabilities. It has been criticized, however, as not being appropriate to assess and prioritize risk from those vulnerabilities. For this reason, some have called for using the Exploit Prediction Scoring System (EPSS) or combining CVSS and EPSS to make vulnerability metrics more actionable and efficient. Like CVSS, EPSS is governed by the Forum of Incident Response and Security Teams (FIRST).
Related Post
- February 23, 2025
Trump 2.0 Brings Cuts to Cyber, Consumer Protections
One month into his second term, President Trump’s actions to shrink the government through mass layoffs, firings and withholding funds
- February 22, 2025
Bybit Confirms Record-Breaking $1.46 Billion Crypto Heist in
Cryptocurrency exchange Bybit on Friday revealed that a “sophisticated” attack led to the theft of over $1.46 billion worth of
- February 22, 2025
OpenAI Bans Accounts Misusing ChatGPT for Surveillance and
OpenAI on Friday revealed that it banned a set of accounts that used its ChatGPT tool to develop a suspected
- February 21, 2025
Friday Squid Blogging: New Squid Fossil
A 450-million-year-old squid fossil was dug up in upstate New York. Blog moderation policy.