Use https://epss.empiricalsecurity.com/epss_scores-current.csv.gz as EPSS source file
The current EPSS (--with-epss) feature relies on obtaining the EPSS data from the cyentia.com website rather than from, say, https://epss.empiricalsecurity.com/epss_scores-current.csv.gz, where first.org suggests obtaining the data. Would it be possible for an end user to supply their own link to the EPSS data file?
Hi @huornlmj,
Thanks for the tkt. I am glad to see you are using this feature.
This is a good suggestion. I guess you would supply a local csv file with the same format as the current one, yes?
Regards, Fatih
Actually, I was thinking of pointing it to the URL that first.org uses or allowing the end user to choose the URL, but I didn't check if their format differs from the format at the site you are using (cyentia.com). I assumed they were the same.
No worries, we will check the format. May I know if you are using our newest feature (--with-exploits) too?
Yes, I am interested in this also. I didn't check into the code yet, but are you taking this from Trivy's output or is it coming from the KEV catalogue?
It is coming from https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json
Oh! I thought it was coming from cyentia.com: https://github.com/fatihtokus/scan2html/blob/3b936212d660976e7ede84ec0afb5eac737ef084/internal/epss/downloader.go#L17
There are two things:
EPSS data (--with-epss) from https://epss.cyentia.com
Known exploited vulnerabilities data (--with-exploits) from https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json
@huornlmj this is fixed, please have a look