Threat Intelligence
How does Kondukto calculate the risk rating?
When the CISA KEV + EPSS integration is enabled, Kondukto can automatically adjust the severity of vulnerabilities based on a risk rating derived from the EPSS probability and the EPSS percentile. This behaviour is configured when the CISA KEV + EPSS integration is first activated.
EPSS probability and percentile are updated daily based on the latest EPSS model available.
When computing the risk rating, the EPSS percentile takes precedence over the EPSS probability: if the percentile is above the 70th, Kondukto assigns the risk rating from the percentile alone, without consulting the probability.
| EPSS Percentile | Risk Rating | Vulnerability Severity |
|---|---|---|
| <70th | Calculated based on EPSS probability | Depends on EPSS probability |
| between 70th and 90th | 3 | High |
| >90th | 4 | Critical |
If the EPSS percentile is below the 70th, the risk rating is derived from the EPSS probability as follows.
| EPSS Probability | Risk Rating | Vulnerability Severity |
|---|---|---|
| between 0% and 10% | 0 | Low |
| between 10% and 30% | 1 | Low |
| between 30% and 70% | 2 | Medium |
| between 70% and 90% | 3 | High |
| between 90% and 100% | 4 | Critical |
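The two tables above, combined into one rating routine as an added example (this is illustrative code, not Kondukto's own implementation). It assumes EPSS values in the 0 to 1 form published by FIRST, treats each band's lower bound as inclusive and upper bound as exclusive (the page does not state boundary handling), and runs the routine over a constructed batch of findings to show the percentile rule overriding a low probability.

```python
from dataclasses import dataclass

# Severity labels per rating, taken from the documentation tables.
SEVERITY_BY_RATING = {0: "Low", 1: "Low", 2: "Medium", 3: "High", 4: "Critical"}

# Thresholds from the tables. Assumption: lower bound inclusive, upper bound
# exclusive, since the page does not say how values on a boundary are treated.
PERCENTILE_BANDS = ((0.90, 4), (0.70, 3))
PROBABILITY_BANDS = ((0.90, 4), (0.70, 3), (0.30, 2), (0.10, 1), (0.0, 0))


def _check_unit_interval(name: str, value: float) -> None:
    """EPSS probability and percentile are both fractions in [0, 1]."""
    if not 0.0 <= value <= 1.0:
        raise ValueError(f"{name} must be within [0, 1], got {value!r}")


def risk_rating(epss_probability: float, epss_percentile: float) -> int:
    """Return the 0-4 risk rating. Percentile bands take precedence:
    at or above the 70th percentile the probability is never consulted."""
    _check_unit_interval("epss_probability", epss_probability)
    _check_unit_interval("epss_percentile", epss_percentile)
    for lower, rating in PERCENTILE_BANDS:
        if epss_percentile >= lower:
            return rating
    for lower, rating in PROBABILITY_BANDS:
        if epss_probability >= lower:
            return rating
    return 0  # unreachable after the range check; kept for completeness


def severity_for(rating: int) -> str:
    return SEVERITY_BY_RATING[rating]


@dataclass
class Finding:
    cve: str
    epss_probability: float
    epss_percentile: float


def adjust_severities(findings: list) -> dict:
    """Map each finding's CVE id to its (risk rating, severity) pair."""
    result = {}
    for f in findings:
        rating = risk_rating(f.epss_probability, f.epss_percentile)
        result[f.cve] = (rating, severity_for(rating))
    return result


# Constructed sample batch; the ids are placeholders, not real CVEs. The first
# entry has a tiny probability yet a high percentile, which is common in EPSS
# because most CVEs score near zero, so the percentile rule drives it to Critical.
SAMPLE_FINDINGS = [
    Finding("CVE-EXAMPLE-1", epss_probability=0.02, epss_percentile=0.95),
    Finding("CVE-EXAMPLE-2", epss_probability=0.01, epss_percentile=0.75),
    Finding("CVE-EXAMPLE-3", epss_probability=0.35, epss_percentile=0.50),
    Finding("CVE-EXAMPLE-4", epss_probability=0.005, epss_percentile=0.10),
]
```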