About CyberEdge
Precomputed reasoning cache for cybersecurity decisions. Tracks 250,000+ CVEs, 50,000+ software products, 15,000+ vendors, 900+ weakness types, and 700+ attack techniques.
Data Sources
| Source | What | License | Refresh |
|---|---|---|---|
| NVD | CVE details, CVSS scores, CPE matches | Public domain | Daily |
| CISA KEV | Known exploited vulnerabilities | Public domain | Daily |
| EPSS | Exploit prediction probability scores | Public domain | Daily |
| MITRE ATT&CK | Attack techniques and tactics | Apache 2.0 | Quarterly |
| MITRE CWE | Weakness classifications | Public domain | Quarterly |
| MITRE CAPEC | Attack patterns | Public domain | Quarterly |
| CPE Dictionary | Software/vendor identifiers | Public domain | Weekly |
Scoring Methodology
Four dimensions, 25 points each, 0-100 composite. Higher score = higher risk.
Severity (0-25)
CVSS base score, attack complexity, privileges required. Aggregated entities use max/top-5 of associated CVE severity scores.
Exploitability (0-25)
EPSS probability (log-scaled), CISA KEV listing, public exploit existence. The dimension security practitioners care most about.
Exposure (0-25)
Affected product count, vendor spread, internet-facing likelihood. All log-scaled to prevent ceiling effects.
Patch Availability (0-25)
Inverse scored: higher = worse. Fix exists, time-to-patch, vendor responsiveness.
Quality Tiers
70-100. Severe vulnerability with active exploitation and wide exposure. Immediate action required.
50-69. Significant risk across multiple dimensions. Active monitoring needed.
30-49. Meaningful risk but limited exploitation or exposure. Standard patch cycle.
0-29. Minimal demonstrated risk. Low severity or well-patched.
The Kill Chain
CyberEdge traces every CVE through the full attack chain. From a specific vulnerability to the attack technique an adversary uses.
API Access
curl -H "Authorization: Bearer YOUR_KEY" \
https://cyber.phasetransitions.ai/api/v1/cves/CVE-2021-44228