EPSS Scores for Dependabot Alerts [GA] #1094

Open
glider-bot opened this issue Jan 23, 2025 · 1 comment
Labels
ga Feature phase: Generally available GHES 3.17 GHES 3.17 GitHub Advanced Security (GHAS) Product SKU: GitHub Advanced Security shipped Shipped

Comments

@glider-bot
Collaborator

Value Prop

EPSS (Exploit Prediction Scoring System) is a data-driven framework that estimates the likelihood of a software vulnerability being exploited in the wild. It helps organizations prioritize patching efforts based on real-world risk.

Expected Outcome

With EPSS scores in Dependabot alerts, customers can expect a new way to prioritize their Dependabot updates based on likelihood of exploitation via EPSS score.

@glider-bot glider-bot added ga Feature phase: Generally available GHES 3.16 GHES 3.16 GitHub Advanced Security (GHAS) Product SKU: GitHub Advanced Security labels Jan 23, 2025
@glider-bot glider-bot moved this to Q1 2025 – Jan-Mar in GitHub Public Roadmap Jan 23, 2025
@github github locked and limited conversation to collaborators Jan 23, 2025
@ankneis ankneis added the shipped Shipped label Feb 20, 2025
@ankneis
Collaborator

ankneis commented Feb 20, 2025

@ankneis ankneis added GHES 3.17 GHES 3.17 and removed GHES 3.16 GHES 3.16 labels Feb 21, 2025
Projects
Status: Q1 2025 – Jan-Mar