Configure and run a scheduled job to update CVE records with EPSS data

  • Freigeben Version: Australia
  • Aktualisiert 12. März 2026
  • 1 Minute Lesedauer

    • Customize the base system scheduled job to update CVE records with EPSS data.

    Vorbereitungen

    Wichtig:
    You need to download and activate the Vulnerability Response Integration with CISA (com.snc.vulnerability.cisa) plugin to enable the EPSS integration.
    Following are the list of new fields added in NVD table to store EPSS data.
    • EPSS Score
    • EPSS Percentile
    • EPSS Last Modified
    Hinweis:
    Configure the list view or form view as per the requirement to view newly added fields.
    Role required: admin

    Warum und wann dieser Vorgang ausgeführt wird

    Data imports from the EPSS integration, further enriches the NVD data in your instance. If NVD records are not present, then it will create a placeholder in the CVE table and add EPSS details in the same table. Run this integration as part of your initial setup of Vulnerability Response and post to importing vulnerability data into your instance.
    Hinweis:
    By default, the First.org EPSS Integration is in Active state. The base system scheduled job is configured, by default, to run daily.

    Prozedur

    1. Navigate to All > Vulnerability Response > Administration > Integrations.
    2. Find and select First.org EPSS Integration.
    3. Modify the fields, as needed.
    4. Right-click on the header to Save your changes.
    5. Select Execute Now, to run the scheduled job immediately.
      You are returned to the Vulnerability Integrations view.
    6. Select First.org EPSS > Vulnerability Integration Runs tab to view the progress of the import.
      On successful completion of the scheduled job, the EPSS scores, percentile, and the last modified EPSS score timestamps are updated on the CVEs.

    Nächste Maßnahme