The Edgescan Xposure Factor (EXF) is a rating system for assessing vulnerabilities. It uses a scale of 0 to 100, with lower scores indicating minimal risk and higher scores indicating higher vulnerability levels.
Version Number: v1.0.1
Published Date: 13 May 2024
____________________________________________________________________________
The Xposure Factor is determined through a blend of external scoring systems;
Users can find the Edgescan Xposure Factor on the Vulnerabilities page labelled as EXF. This factor is recalibrated on a daily basis for up-to-date information.
Calculation
The calculation for Edgescan Xposure Factor is as follows:
EXF = (EPSS Score + CVSS Score) * CISA KEV Score
|
Name |
Calculation |
|---|---|
|
EPSS Score |
EPSS Percentile * 100 * EPSS Score weight |
|
CVSS Score |
CVSS Score * CVSS Score weight |
|
CISA KEV Score |
If on CISA KEV list = 100 |
|
EPSS Score weight |
Determined by Edgescan based on Vulnerability Stats Report |
|
CVSS Score weight |
Determined by Edgescan based on Vulnerability Stats Report |
|
CISA KEV weight |
Determined by Edgescan based on Vulnerability Stats Report |
The Edgescan Vulnerability Stats report is available here.
Scaling
To ensure a more manageable range between 1-100, we scale the calculated value using the following formula:
Scaled Value = (original_value - original_min) / (original_max - original_min) x (scaled_max - scaled_min) + scaled_min
|
Name |
Value |
|---|---|
|
original_value |
(EPSS Score * CVSS Score) * Cisa Kev |
|
original_max |
1,050,000 |
|
original_min |
8,925 |
|
scaled_max |
100 |
|
scaled_min |
1 |