epss AI Agent Skills
Browse 5 skills related to epss
dependency-scanner
Software Composition Analysis (SCA) and dependency vulnerability scanning. Scan npm, pip, maven, gradle dependencies. Check CVE databases, generate SBOM (CycloneDX, SPDX), identify license compliance issues, and track EPSS scores for prioritization.
container-grype
Container vulnerability scanning and dependency risk assessment using Grype with CVSS severity ratings, EPSS exploit probability, and CISA KEV indicators. Use when: (1) Scanning container images and filesystems for known vulnerabilities, (2) Integrating vulnerability scanning into CI/CD pipelines with severity thresholds, (3) Analyzing SBOMs (Syft, SPDX, CycloneDX) for security risks, (4) Prioritizing remediation based on threat metrics (CVSS, EPSS, KEV), (5) Generating vulnerability reports in multiple formats (JSON, SARIF, CycloneDX) for security toolchain integration.
implementing-epss-score-for-vulnerability-prioritization
Integrate FIRST's Exploit Prediction Scoring System (EPSS) API to prioritize vulnerability remediation based on real-world exploitation probability within 30 days.
performing-cve-prioritization-with-kev-catalog
Leverage the CISA Known Exploited Vulnerabilities catalog alongside EPSS and CVSS to prioritize CVE remediation based on real-world exploitation evidence.
vuln-triage
Triage vulnerability scan results by cross-referencing CVEs against asset criticality, EPSS scores, CISA KEV status, and known public exploits. Produces a prioritized remediation list with org-defined risk buckets and creates Jira tickets for critical/high findings. Trigger when user uploads scan exports (.csv, .json, .nessus, .xml), mentions "vuln triage", "CVE prioritization", "scan results", "vulnerability report", "prioritize findings", or "what should we patch first". Also trigger when user pastes raw CVE lists or asks about exploitability of specific CVEs.