Configure and run a scheduled job to update CVE records with EPSS data

  • Release version: Australia
  • Updated March 12, 2026
  • 1 minute to read

    • Customize the base system scheduled job to update CVE records with EPSS data.

    Before you begin

    Important:
    You need to download and activate the Vulnerability Response Integration with CISA (com.snc.vulnerability.cisa) plugin to enable the EPSS integration.
    Following are the list of new fields added in NVD table to store EPSS data.
    • EPSS Score
    • EPSS Percentile
    • EPSS Last Modified
    Note:
    Configure the list view or form view as per the requirement to view newly added fields.
    Role required: admin

    About this task

    Data imports from the EPSS integration, further enriches the NVD data in your instance. If NVD records are not present, then it will create a placeholder in the CVE table and add EPSS details in the same table. Run this integration as part of your initial setup of Vulnerability Response and post to importing vulnerability data into your instance.
    Note:
    By default, the First.org EPSS Integration is in Active state. The base system scheduled job is configured, by default, to run daily.

    Procedure

    1. Navigate to All > Vulnerability Response > Administration > Integrations.
    2. Find and select First.org EPSS Integration.
    3. Modify the fields, as needed.
    4. Right-click on the header to Save your changes.
    5. Select Execute Now, to run the scheduled job immediately.
      You are returned to the Vulnerability Integrations view.
    6. Select First.org EPSS > Vulnerability Integration Runs tab to view the progress of the import.
      On successful completion of the scheduled job, the EPSS scores, percentile, and the last modified EPSS score timestamps are updated on the CVEs.

    What to do next