INTERACTIVE TOUR
REQUEST DEMO
Go to my account
Search
Search
10th Edition of the 2025 Vulnerability Statistics Report available now!
GET REPORT

RETURN TO BLOG LIST

Picture of Eoin Keary

Eoin Keary

Edgescan was founded in 2011 by Eoin Keary, who currently serves as its CEO. With over 20 years of experience in leadership and development, Eoin is a visionary and thought leader for the company. He draws on his extensive experience in leading software development and security teams to drive Edgescan's success.

CATEGORIES:

Edgescan Insights
Product Updates
Solutions
– API Security
– Application Testing
– Attack Surface Management
– Mobile Application Security
– Network Security
– Penetration Testing
Thought Leadership
News

eXposure Factor EXF

Edgescan eXposure Factor (EXF)

Helping you prioritize vulnerability mitigation at scale

Improving MTTR (Mean Time To Remediation) of critical weaknesses with EXF
Prioritization is key once you can assume a list of validated and accurate vulnerabilities. Edgescan only ever delivers validated and accurate vulnerabilities with virtually no false positives. The ability to answer the question “What should I fix first?” dramatically improves efficiency when dealing with resource management and provides optimum value to your business and security posture. Let’s fix and secure what matters.Edgescan has designed a system to help you easily figure out which vulnerabilities are most urgent:We call it EXF (Edgescan eXposure Factor), which uses dynamically generated breach probability data via:
  1. Exploit Prediction Scoring System (EPSS) combined with
  2. CVSS (Common Vulnerability Scoring System) score and;
  3. if the vulnerability is flagged by the CISA (Cybersecurity & Infrastructure Security Agency) and is on the CISA KEV (Known Exploitable Vulnerability catalogue).
By combining this metadata and applying it to a discovered & validated vulnerability, Edgescan provides a simple 0 to 100 scoring system where a lower score indicates minimal risk and a higher score signifies greater vulnerability. • The Edgescan eXposure Factor is displayed to the user on the Vulnerabilities page under the title EXF. • EXF is re-calibrated daily via dynamic feeds to keep pace with exploitation intelligence “in the wild.”

Vulnerabilities ReportEXF values highlighted based on Vulnerability Severity/CVSS, EPSS, and CISA KEV presence.

Combining EXF with other Asset Metadata:

Edgescan gives you the ability to set the relative criticality and set associated metadata relating to an asset. By leveraging search criteria, you can focus on high EXF-scoring vulnerabilities across critical assets even if you have thousands of systems under management. E.g., “ Show me EXF scores for all assets marked critical across my global landscape….”

Edgescan dashboard viewAsset “Tagged” as “Critical.”

Vulnerabilities reportVulnerabilities with high CVSS scores and associated EPSS/EXF.

 

CATEGORIES:

Related Articles

Why AI Security Testing Matters to Your Business: Understanding LLM Penetration Testing
Why AI Security Testing Matters to Your Business: Understanding LLM Penetration Testing

AI systems like Large Language Models (LLMs) are now woven into the fabric of your business operations. They handle customer …

NIS2: Six Months After Implementation – What We’ve Learned
NIS2: Six Months After Implementation – What We’ve Learned

In the high-stakes arena of modern cybersecurity, strong protection is essential for both business continuity and regulatory compliance. The NIS2 …

Inside the 2025 Verizon DBIR: Edgescan’s Critical Insights on Web Application Security
Inside the 2025 Verizon DBIR: Edgescan’s Critical Insights on Web Application Security

The 2025 Verizon Data Breach Impact Report paints a stark picture of web application security, and as someone who contributes …

Contact us for more information on how Edgescan can help secure your business.

Contact Us