Configure and run a scheduled job to update CVE records with EPSS data

  • 릴리스 버전: Australia
  • 업데이트 날짜 2026년 03월 12일
  • 소요 시간: 2분

    • Customize the base system scheduled job to update CVE records with EPSS data.

    시작하기 전에

    중요사항:
    You need to download and activate the Vulnerability Response Integration with CISA (com.snc.vulnerability.cisa) plugin to enable the EPSS integration.
    Following are the list of new fields added in NVD table to store EPSS data.
    • EPSS Score
    • EPSS Percentile
    • EPSS Last Modified
    주:
    Configure the list view or form view as per the requirement to view newly added fields.
    Role required: admin

    이 태스크 정보

    Data imports from the EPSS integration, further enriches the NVD data in your instance. If NVD records are not present, then it will create a placeholder in the CVE table and add EPSS details in the same table. Run this integration as part of your initial setup of Vulnerability Response and post to importing vulnerability data into your instance.
    주:
    By default, the First.org EPSS Integration is in Active state. The base system scheduled job is configured, by default, to run daily.

    프로시저

    1. Navigate to All > Vulnerability Response > Administration > Integrations.
    2. Find and select First.org EPSS Integration.
    3. Modify the fields, as needed.
    4. Right-click on the header to Save your changes.
    5. Select Execute Now, to run the scheduled job immediately.
      You are returned to the Vulnerability Integrations view.
    6. Select First.org EPSS > Vulnerability Integration Runs tab to view the progress of the import.
      On successful completion of the scheduled job, the EPSS scores, percentile, and the last modified EPSS score timestamps are updated on the CVEs.

    다음에 수행할 작업