epss-api

Release 1.1.3

EPSS API Python Client

Homepage PyPI Python

Keywords
EPSS, security, vulnerability
License
MIT
Install
pip install epss-api==1.1.3

Documentation

EPSS API Client

https://img.shields.io/pypi/dw/epss-api?style=flat https://codecov.io/gh/kannkyo/epss-api/branch/main/graph/badge.svg?token=R40FT0KITO

EPSS(Exploit Prediction Scoring System) API client.

EPSS is the one of famous vulnerability score developed by FIRST (the Forum of Incident Response and Security Teams).

EPSS's definition:

The Exploit Prediction Scoring System (EPSS) is an open, data-driven effort for estimating the likelihood (probability) that a software vulnerability will be exploited in the wild. Our goal is to assist network defenders to better prioritize vulnerability remediation efforts. While other industry standards have been useful for capturing innate characteristics of a vulnerability and provide measures of severity, they are limited in their ability to assess threat. EPSS fills that gap because it uses current threat information from CVE and real-world exploit data. The EPSS model produces a probability score between 0 and 1 (0 and 100%). The higher the score, the greater the probability that a vulnerability will be exploited.

https://www.first.org/epss/

This package is most easiest and efficient EPSS api client.

Usage

EPSS has some methods.

from epss_api import EPSS

client = EPSS()

value = client.scores()
# value = [
#   {'cve': 'CVE-2022-39952', 'epss': '0.09029', 'percentile': '0.94031'},
#   {'cve': 'CVE-2023-0669', 'epss': '0.78437', 'percentile': '0.99452'},
#  ...
# ]

value = client.epss_lt(0.5)
# value = [
#   {'cve': 'CVE-2022-39952', 'epss': '0.09029', 'percentile': '0.24031'},
#   {'cve': 'CVE-2023-0669', 'epss': '0.18437', 'percentile': '0.19452'},
#  ...
# ]

value = client.percentile_lt(0.5)
# value = [
#   {'cve': 'CVE-2022-39952', 'epss': '0.09029', 'percentile': '0.24031'},
#   {'cve': 'CVE-2023-0669', 'epss': '0.78437', 'percentile': '0.19452'},
#  ...
# ]

value = client.epss_gt(0.5)
# value = [
#   {'cve': 'CVE-2022-39952', 'epss': '0.59029', 'percentile': '0.94031'},
#   {'cve': 'CVE-2023-0669', 'epss': '0.78437', 'percentile': '0.99452'},
#  ...
# ]

value = client.percentile_gt(0.5)
# value = [
#   {'cve': 'CVE-2022-39952', 'epss': '0.59029', 'percentile': '0.94031'},
#   {'cve': 'CVE-2023-0669', 'epss': '0.78437', 'percentile': '0.99452'},
#  ...
# ]

value = client.score(cve_id='CVE-2022-0669')
# value = {'cve': 'CVE-2022-39952', 'epss': 0.0095, 'percentile': 0.32069}

value = client.epss(cve_id='CVE-2022-0669')
# value == 0.0095

value = client.percentile(cve_id='CVE-2022-0669')
# value == 0.32069

If you call either one method, EPSS client cache all CVE's score in memory. After caching, you can get all data very fast.

Stats

Dependencies
1
Dependent packages
0
Dependent repositories
0
Total releases
7
Latest release
First release
Stars
1
Forks
0
Watchers
2
Contributors
3
Repository size
152 KB
SourceRank
8

Development practices

Source repo 2FA enabled
TEXT!
Package manager 2FA enabled
TEXT!
Is security responsive
TEXT!
Dependencies are managed
TEXT!
Issue-free release available
TEXT!
Succession plan available
TEXT!
Package manager 2FA enabled
TEXT!

The Tidelift Subscription provides access to a continuously curated stream of human-researched and maintainer-verified data on open source packages and their licenses, releases, vulnerabilities, and development practices.

Learn more

Releases

0.2.0
0.2.1
0.2.2
1.0.0
1.1.0
1.1.1
1.1.3

Contributors

kannkyo dependabot[bot] github-actions[bot]


See all contributors

Something wrong with this page? Make a suggestion

Export .ABOUT file for this package

Last synced: 2023-03-05 05:05:51 UTC

Login to resync this project