| AppSoc |
Risk-Based Application Security Posture Management |
https://www.appsoc.com/ |
| Aqua Security |
Aqua Workload Protection |
https://support.aquasec.com/support/solutions/articles/16000166626-2023-september-saas-update-release%23EPSS-(Exploit-Prediction-Scorin |
| Armis |
Armis Asset Vulnerability Management module |
https://www.armis.com/integrations/exploit-prediction-scoring-system-epss/ |
| Armo Security |
Armo Kubernetes Security |
https://hub.armosec.io/docs/vulnerabilities-workloads |
| Armorcode |
Risk-Based Vulnerability Management |
https://www.armorcode.com/blog/epss-and-risk-based-vulnerability-prioritization |
| Arnica |
Pipelineless Application Security |
https://docs.arnica.io/arnica-documentation/code-risks/software-composition-analysis-sca#exploit-prediction-scoring-system-epss-score-and-trend |
| Avalor |
Avalor Security Data Fabric |
https://www.avalor.io/integrations |
| AWS |
Inspector |
https://aws.amazon.com/about-aws/whats-new/2023/07/amazon-inspector-vulnerability-intelligence-findings/ |
| Axonius |
Vulnerability Management Module |
https://docs.axonius.com/docs/vulnerabilities |
| Axxemble |
BaseFortify |
https://basefortify.eu/posts/2025/01/epss:_prioritizing_vulnerabilities_based_on_exploit_likelihood.html |
| Backlash |
Reachability SAST/SCA |
https://www.backslash.security/ |
| Balbix |
Risk-Based Vulnerability Management |
https://www.balbix.com/product/risk-based-vulnerability-management/ |
| Binarly |
Transparency Platform |
https://binarly.io/capabilities |
| Black Kite |
Third Party & Cyber Risk Management Platform |
https://content.blackkite.com/ebook/2025-supply-chain-vulnerability-report/ |
| Bomber |
Bomber |
https://github.com/devops-kung-fu/bomber |
| Brinqa |
Cyber Risk Platform |
https://www.brinqa.com/glossary/what-is-epss-score/ |
| Boost Security |
DevSecOps Platform |
https://docs.boostsecurity.io/user-guide/new_release.html#2023-03-09 |
| Cavelo |
Attack Surface Management |
https://www.cavelo.com |
| CIRCL |
Vulnerability Lookup |
https://vulnerability.circl.lu |
| cvefeed.io |
Vulnerability Intelligence |
https://cvefeed.io |
| Cisco |
Cisco Vulnerability Management |
EPSS and Its Role in Cisco Vulnerability Management Risk Scoring |
| Clavis |
Risk-Based Vulnerability Priorization |
https://produto.clavis.com.br/material-bart-gerenciamento-de-vulnerabilidade-baselines-analises-de-risco-testes-de-seguranca/ |
| Cytidel |
vulnerability and risk management platform |
https://www.cytidel.com/ |
| Claroty |
vulnerability and Risk Management |
https://claroty.com/press-releases/claroty-unveils-new-vulnerability-risk-management-capabilities-to-supercharge-risk-reduction-for-cyber-physical-systems |
| Cloudsmith |
Cloud Native Artifact Management Platform |
https://cloudsmith.com/blog/cloudsmith-introduces-epss-scoring-in-enterprise-policy-management-epm |
| Coalition |
Coalition Exploit Scoring System |
https://ess.coalitioninc.com/ |
| ConnectSecure |
ConnectSecure Vulnerability Management |
https://connectsecure.com/news/product-update-epss-empowers-msps-to-tackle-high-risk-vulnerabilities |
| Cowbell |
Cowbell Insurance |
https://cowbell.insure/ |
| Culinda |
Culinda Cloud Security |
https://www.culinda.io/ |
| CTM360 |
Threat Cover |
https://www.ctm360.com/ |
| CVE Crowd |
CVEs discussed on the Fediverse |
https://cvecrowd.com/ |
| Cybeats |
SBOM Studio |
https://www.cybeats.com/sbom-studio |
| CybelAngel |
Asset Discovery & Monitoring |
https://cybelangel.com/asset-discovery-and-monitoring/ |
| Cyberwatch |
Cyberwatch Vulnerability Management |
https://cyberwatch.fr/veille/epss-quest-ce-que-lexploit-prediction-scoring-system/ |
| Cyscale |
Cloud Security Platform |
https://cyscale.com/blog/security-scoring-cvss4-vs-cvss3-need-to-know/ |
| Datadog |
Application Vulnerability Management |
https://www.datadoghq.com/product/application-vulnerability-management/ |
| Dazz |
Dazz Unified Remediation Platform |
https://www.dazz.io/platform |
| Deepfactor |
Application Security Platform |
https://www.deepfactor.io/deepfactor-3-5-includes-enhanced-vulnerability-prioritization-with-epss-support-and-reachability-analysis-for-golang/ |
| Denexus |
OT Cyber Risk Quantification |
https://www.denexus.io/products/derisk/industrial |
| DevOcean |
Low-Touch Remediation Platform |
https://www.devocean.security/blog/epss-everything-you-need-to-know |
| Docker Scout |
Solution for proactively enhancing your software supply chain security |
https://www.docker.com/products/docker-scout/ |
| EdgeBit |
EdgeBit Security Platform |
https://edgebit.io/docs/0.x/investigate-epss/ |
| Edgescan |
Risk-Based Vulnerability Management Solution |
https://www.edgescan.com/solutions/vulnerability-management/ |
| Elastic |
Elastic Seach Platform |
https://www.elastic.co/docs/current/integrations/first_epss |
| Endor Labs |
Endor Labs |
https://www.endorlabs.com/blog/cve-vulnerability-epss-ssvc-reachability-vex |
| FOSSA |
The Modern Open Source Risk Platform |
https://fossa.com/blog/understanding-using-epss-scoring-system/ |
| Flashpoint |
Flashpoint VulnDB |
https://flashpoint.io/resources/datasheets/vulndb-ransomware-and-exploit-prediction-model/ |
| Fleet |
Open-source device management |
https://fleetdm.com/upgrade |
| Fluid Attacks |
Fluid Attacks |
https://fluidattacks.com/ |
| ForeScout |
Risk and Exposure Management |
https://www.forescout.com/products/rem/ |
| Fortinet |
Forinet DAST |
https://docs.fortinet.com/document/fortidast/23.3.0/user-guide/476620/vulnerabilities |
| FortMesa |
Riskchain VM |
https://land.fortmesa.com/vulnerability-management-101 |
| Finite State |
Finite State Platform |
https://finitestate.io/products/finite-state-platform/ |
| GitHub |
Dependabot |
https://docs.github.com/en/code-security/dependabot/dependabot-alerts/viewing-and-updating-dependabot-alerts |
| Github Advisory Database |
GHSA |
https://github.blog/changelog/2024-10-10-epss-scores-in-the-github-advisory-database/ |
| HackerOne |
CVE Discovery |
https://hackerone.com/hacktivity/cve_discovery |
| Hackuity |
Risk-Based Vulnerability Management |
https://www.hackuity.io/ |
| IBM |
Concert |
https://www.ibm.com/docs/en/concert?topic=dimension-understanding-concert-risk-score-vulnerabilities#understanding_the_concert_risk_score__title__4 |
| Kerzinger |
VulnDex |
https://vulndex.at/ |
| Keysight |
Keysight IoT Security Assessment |
https://www.keysight.com/be/en/products/network-security/iot-security-assessment.html |
| Kodem |
Kodem Security |
https://www.kodemsecurity.com/ |
| Kondukto |
Kondukto ASPM Platform |
https://kondukto.io/ |
| Lansweeper |
Lansweeper Asset Intelligence |
https://community.lansweeper.com/t5/cyber-security-and-risk-insights/understanding-exploitability-fields/ta-p/77274 |
| Legit Security |
Legit Supply Chain Security |
https://www.legitsecurity.com/ |
| Luna Sec |
Luna Sec |
https://www.lunasec.io/docs/blog/what-is-epss/ |
| Manifest |
Manifest |
https://www.manifestcyber.com/blog/introducing-manifest |
| Mandiant |
Mandiant Vulnerability Intelligence |
https://www.mandiant.com/resources/blog/enhanced-vulnerability-intelligence |
| Mend.io |
Mend |
https://docs.mend.io/bundle/sca_user_guide/page/view_epss_scores_for_container_images.html |
| Microsoft |
Microsoft Defender |
https://techcommunity.microsoft.com/t5/microsoft-defender-vulnerability/enhancing-vulnerability-prioritization-with-asset-context-and/ba-p/4212480 |
| Mondoo |
Unified Security Posture Management |
https://mondoo.com/docs/platform/security/posture/vulnerabilities/#epss-score |
| Morphisec |
Morphisec Vulnerability Management |
https://blog.morphisec.com/morphisec-next-gen-risk-based-vulnerability-prioritization |
| Nanitor |
Nanitor CTEM Platform |
https://help.nanitor.com/134-epss/ |
| Netrise |
Netrise Platform |
https://www.netrise.io/xiot-security-blog/sbom-ingest |
| NetSPI |
Attack Surface Management (ASM) |
https://www.netspi.com |
| Noetic |
Noetic Platform |
https://noeticcyber.com/risk-driven-vulnerability-prioritization/ |
| Nucleus Security |
Nucleus Unified Vulnerability Management |
https://nucleussec.com/blog/what-is-epss/ |
| NTT DATA |
YaVS / SecDB Portal |
https://secdb.nttzen.cloud |
| Oligo |
Dynamic SCA |
https://www.oligo.security/ |
| Opswright |
Opswright Impact Platform |
https://opswright.com/ |
| Orca |
Cloud Security Platform |
https://orca.security/resources/blog/epss-scoring-system-explained/ |
| Oryx Labs |
Attack Surface Management |
https://oryxlabs.ae/ |
| OWASP |
Dependency Track |
https://owasp.org/www-project/dependency-track |
| Palo Alto Network |
Prisma Cloud |
https://www.paloaltonetworks.com/prisma/cloud |
| Palo Alto Network |
Xpanse |
https://www.paloaltonetworks.com/blog/security-operations/enable-proactive-incident-response-with-adaptive-risk-scoring/ |
| Phoenix Security |
Act on Phoenix |
https://phoenix.security/new-features-november-2022/ |
| Precursor |
Penetration Testing and Continuous Security Testing Services |
https://www.precursorsecurity.com/ |
| Procapsuite |
Procap 360 |
https://procapsuite.com/ |
| UpGuard |
UpGuard Platform |
https://help.upguard.com/en/articles/9180433-what-is-exploit-prediction-scoring-system-epss |
| Qualys |
TruRisk |
https://blog.qualys.com/qualys-insights/2022/10/10/in-depth-look-into-data-driven-science-behind-qualys-trurisk |
| Rezilion |
Rezilion |
https://www.rezilion.com/blog/introducing-our-new-software-supply-chain-security-features/ |
| SecLogic |
CyberQ Shield |
https://seclogic.io/ |
| SecOps Solution |
Full-Stack Vulnerability and Patch Management Platform |
https://secopsolution.com/epss-calculator |
| Securin |
Vulnerability Intelligence |
https://www.securin.io/vulnerability-intelligence/ |
| SecurityScorecard |
CVE Details |
https://www.cvedetails.com/epss/epss-score-history.html |
| Seemplicity |
Seemplicity |
https://seemplicity.io/different-approaches-for-vulnerability-prioritization/ |
| Semgrep |
Semgrep AppSec Platform |
https://semgrep.dev/ |
| SentinelOne |
SentinelOne Vulnerability Management |
https://www.sentinelone.com/platform/singularity-ranger-insights/ |
| ServiceNow |
ServiceNow Vulnerability Response |
https://docs.servicenow.com/bundle/vancouver-security-management/page/product/secops-integration-vr/epss/concept/epss-vr-integration-overview.html |
| Shield Cyber |
Attacker-centric Exposure Management |
https://www.shieldcyber.io/ |
| Shodan |
CVEDB API |
https://cvedb.shodan.io/ |
| SideChannel |
Enclave |
https://sidechannel.com/blog/enhance-your-security-measures-with-effective-epss-and-exposure-management/ |
| Skybox |
Vulnerability & Threat Management |
https://www.skyboxsecurity.com/products/vulnerability-control/ |
| Snyk |
Security Intelligence |
https://snyk.io/blog/improved-risk-assessment-with-epss-scores-in-snyk/ |
| SOCRadar |
Extended Threat Intelligence |
https://socradar.io/predicting-vulnerability-exploitation-for-proactive-cybersecurity-whats-epss-and-how-can-svrs-enhance-it/ |
| SOOS |
SOOS Security |
https://kb.soos.io/help/exploitable-vulnerabilities |
| SPDX |
The Software Package Data Exchange (SPDX) |
https://spdx.dev/capturing-software-vulnerability-data-in-spdx-3-0/ |
| Stackaware |
AI Risk Management |
https://stackaware.com/ |
| Strobes |
VM365 |
https://help.strobes.co/hc/en-us/articles/13158942134801-Vulnerabilities-Custom-CSV-Export |
| Tenable |
Tenable Vulnerability Management |
https://docs.tenable.com/vulnerability-management/Content/vulnerability-intelligence/vulnerability-information.htm |
| Ultrared |
Ultrared Threat Exposure Management |
https://www.ultrared.ai/blog/epss-and-exposure-management |
| Uptycs |
The first unified CNAPP and XDR platform |
https://www.uptycs.com/products/why-uptycs |
| Veracode |
Veracode SCA |
https://docs.veracode.com/r/Understanding_SCA_exploitability_information |
| Verve |
Verve Security Center |
https://verveindustrial.com/resources/blog/calculated-risk-rating-data-driven-ot-risk-assessment/ |
| Vulcan |
Vulcan Cyber Risk Management Platform |
https://vulcan.io/blog/thinking-of-using-epss-heres-what-you-need-to-know/ |
| VulDB |
Cyber Threat Intelligence |
https://vuldb.com/?kb.epss |
| Vulmon Search |
Vulnerability Intelligence Search Engine |
https://vulmon.com |
| VulnCheck |
VulnCheck Exploit & Vulnerability Intelligence |
https://vulncheck.com/product/exploit-intelligence |
| Vulners |
Vulners Database |
https://vulners.com/search |
| Wiz |
Wiz Platform |
https://www.wiz.io/ |
| Würth Phoenix |
SATAYO CTI Platform |
https://www.neteye-blog.com/2023/12/epss-implementation-in-satayo/ |
| Xygeni Security |
All-in-One Application Security Platform |
https://docs.xygeni.io/introduction-to-xygeni/prioritization-funnels/prioritization-funnels-1/exploitability#exploitability |
| Yes We Hack |
Bug Bounty & Vulnerability Management Platform |
https://www.yeswehack.com/ |
