EPSS FAQs

Question 1

What data does the EPSS tool retrieve?

Accepted Answer

The EPSS tool retrieves detailed vulnerability data from the NVD API, including descriptions, CWEs, and CVSS scores, along with EPSS scores and percentiles from the EPSS server.

Question 2

Can I use EPSS in my VS Code environment?

Accepted Answer

Yes! The EPSS MCP server integrates directly with VS Code MCP.  Configure your VS Code settings to point to the `epss_mcp.py` file to fetch CVE details and EPSS scores directly within VS Code.

Question 3

How can I integrate EPSS with other tools?

Accepted Answer

EPSS offers a robust MCP server for seamless integration with other tools. It also supports Docker deployment for a consistent runtime environment and integrates with VS Code MCP for enhanced developer workflows.

Question 4

What do I need to run the EPSS MCP server?

Accepted Answer

You need Python 3.13 or higher, and optionally Docker for containerized deployment. An NVD API key is also required and should be added to the .env file.

Question 5

What is EPSS and how does it help?

Accepted Answer

EPSS (Exploit Prediction Scoring System) provides daily updated probability scores and percentiles for CVEs, helping cybersecurity professionals predict the likelihood of exploitation and prioritize vulnerability remediation efforts.

EPSS

About

Key Features

Use Cases