Helping you prioritize vulnerability mitigation at scale
Improving MTTR (Mean Time To Remediation) of critical weaknesses with EXF
Prioritization is key once you can assume a list of validated and accurate vulnerabilities. Edgescan only ever delivers validated and accurate vulnerabilities with virtually no false positives. The ability to answer the question “What should I fix first?” dramatically improves efficiency when dealing with resource management and provides optimum value to your business and security posture. Let’s fix and secure what matters.
Edgescan has designed a system to help you easily figure out which vulnerabilities are most urgent:
We call it EXF (Edgescan eXposure Factor), which uses dynamically generated breach probability data via:
- Exploit Prediction Scoring System (EPSS) combined with
- CVSS (Common Vulnerability Scoring System) score and;
- if the vulnerability is flagged by the CISA (Cybersecurity & Infrastructure Security Agency) and is on the CISA KEV (Known Exploitable Vulnerability catalogue).
By combining this metadata and applying it to a discovered & validated vulnerability, Edgescan provides a simple 0 to 100 scoring system where a lower score indicates minimal risk and a higher score signifies greater vulnerability.
• The Edgescan eXposure Factor is displayed to the user on the Vulnerabilities page under the title EXF.
• EXF is re-calibrated daily via dynamic feeds to keep pace with exploitation intelligence “in the wild.”
EXF values highlighted based on Vulnerability Severity/CVSS, EPSS, and CISA KEV presence.
Combining EXF with other Asset Metadata:
Edgescan gives you the ability to set the relative criticality and set associated metadata relating to an asset. By leveraging search criteria, you can focus on high EXF-scoring vulnerabilities across critical assets even if you have thousands of systems under management.
E.g., “ Show me EXF scores for all assets marked critical across my global landscape….”
Asset “Tagged” as “Critical.”
Vulnerabilities with high CVSS scores and associated EPSS/EXF.