You can narrow the list down to the vulnerabilities that are most likely to be exploited.
On the SBOM page, select the Any exploits filter, then select the exploit and threat information you want to focus on, including vulnerabilities that:
are on the CISA KEV list
are in the Exploit Database
have a Metasploit toolkit available
meet the criteria of the top 25 CWE list
You can also filter for vulnerabilities at or above a particular EPSS threshold. To do so, enter a number, such as 80, into the EPSS filter. This returns all vulnerabilities with an EPSS score of 80% or above.
To ensure you're focusing on the most exploitable vulnerabilities, you can create and apply a reusable rescore profile to rescore all vulnerabilities across a product version. You can also rescore individual vulnerabilities manually.
Once you've rescored your vulnerabilities, you can prioritize the remaining ones by filtering down to those that combine a high CVSS score with a high exploitability (EPSS) score and that also have exploits or threats publicly available.
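The same triage can be reproduced offline on exported findings. The following is an added example, not the product's own code or API: the field names, the source keys, and the CVSS cut-off of 7.0 for "high" are assumptions, and the findings are constructed placeholders. It stores EPSS as a 0-1 probability, while the threshold is entered as a percentage, as in the EPSS filter.

```python
from dataclasses import dataclass

# Keys for the four "Any exploits" options on the page (names are assumptions).
EXPLOIT_SOURCES = frozenset({"cisa_kev", "exploit_db", "metasploit", "cwe_top_25"})

@dataclass(frozen=True)
class Finding:
    cve: str                       # constructed placeholder ID
    cvss: float                    # base score, 0.0-10.0
    epss: float                    # probability, 0.0-1.0 (as published by FIRST)
    sources: frozenset = frozenset()

    def __post_init__(self):
        # Catch the common mix-up of storing EPSS as a percentage (e.g. 80).
        if not 0.0 <= self.epss <= 1.0:
            raise ValueError(f"{self.cve}: EPSS must be a 0-1 probability")

def any_exploits(findings, selected=EXPLOIT_SOURCES):
    """Keep findings that match at least one selected exploit/threat source."""
    return [f for f in findings if f.sources & frozenset(selected)]

def epss_at_least(findings, percent):
    """Keep findings at or above an EPSS threshold entered as a percentage."""
    return [f for f in findings if f.epss >= percent / 100]

def prioritize(findings, cvss_min=7.0, epss_percent=80):
    """High CVSS AND high EPSS AND a public exploit; KEV entries sort first."""
    hits = [f for f in any_exploits(epss_at_least(findings, epss_percent))
            if f.cvss >= cvss_min]   # 7.0 = CVSS "High" floor, an assumed cut-off
    return sorted(hits, key=lambda f: ("cisa_kev" not in f.sources, -f.epss, -f.cvss))

# Constructed sample findings (not real CVEs).
SAMPLE = [
    Finding("CVE-0000-0001", 9.8, 0.94, frozenset({"cisa_kev", "metasploit"})),
    Finding("CVE-0000-0002", 9.1, 0.02),                             # severe, unlikely
    Finding("CVE-0000-0003", 7.5, 0.80, frozenset({"exploit_db"})),  # on threshold
    Finding("CVE-0000-0004", 5.3, 0.91, frozenset({"cisa_kev"})),    # medium CVSS
    Finding("CVE-0000-0005", 8.1, 0.85),                             # no public exploit
]

if __name__ == "__main__":
    for f in prioritize(SAMPLE):
        print(f.cve, f.cvss, f"{f.epss:.0%}", sorted(f.sources))
```

Only the first and third findings survive the combined filter. The others each fail one of the three conditions, so none of the filters alone would have been enough to rank them.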