DEF CON 32 - Using EPSS for Better Management Vulnerability Management - Jerry Gamblin

The Exploit Prediction Scoring System (EPSS) provides efficient, data-driven vulnerability management data that uses current threat information from CVE and real-world exploit that helps understand the probability that a vulnerability will be exploited. This talk will discuss the EPSS model in-depth and demonstrate how to implement EPSS for CI/CD pipelines and more traditional operating systems and application patching.

A Deep Dive into the Exploit Prediction Scoring System EPSS
▶︎

A Deep Dive into the Exploit Prediction Scoring System EPSS

AWS re:Inforce 2025 - Scale vulnerability management using Amazon Inspector (TDR305)
▶︎

AWS re:Inforce 2025 - Scale vulnerability management using Amazon Inspector (TDR305)

Zig 2026: No-AI Policy, $670K Foundation, Left GitHub & Why Zig Isn’t 1.0 - Andrew Kelley Explains
▶︎

Zig 2026: No-AI Policy, $670K Foundation, Left GitHub & Why Zig Isn’t 1.0 - Andrew Kelley Explains

DEF CON 33 - Exploiting Shadow Data from AI Models and Embeddings - Patrick Walsh
▶︎

DEF CON 33 - Exploiting Shadow Data from AI Models and Embeddings - Patrick Walsh

Unlocked Conference: The 3AM Test: Why Boring Systems Let You Sleep at Night—Jacob Murphy (Google)
▶︎

Unlocked Conference: The 3AM Test: Why Boring Systems Let You Sleep at Night—Jacob Murphy (Google)

Beyond the Patch: Measuring the Unknown in Vulnerability Management
▶︎

Beyond the Patch: Measuring the Unknown in Vulnerability Management

DEF CON 33 Recon Village - OSINT & Modern Recon Uncover Global VPN Infrastructure - Vladimir Tokarev
▶︎

DEF CON 33 Recon Village - OSINT & Modern Recon Uncover Global VPN Infrastructure - Vladimir Tokarev

Cybersecurity Architecture: Five Principles to Follow (and One to Avoid)
▶︎

Cybersecurity Architecture: Five Principles to Follow (and One to Avoid)

Main Stage: Understanding and Reducing Supply Chain and Software Vulnerability Risks
▶︎

Main Stage: Understanding and Reducing Supply Chain and Software Vulnerability Risks

DEF CON 32 - Inside the FBI’s Secret Encrypted Phone Company ‘Anom’ - Joseph Cox
▶︎

DEF CON 32 - Inside the FBI’s Secret Encrypted Phone Company ‘Anom’ - Joseph Cox

Cybersecurity Architecture: Response
▶︎

Cybersecurity Architecture: Response

DEF CON 33 Recon Village - Building Local Knowledge Graphs for OSINT - Donald Pellegrino
▶︎

DEF CON 33 Recon Village - Building Local Knowledge Graphs for OSINT - Donald Pellegrino

Attacking AI - Jason Haddix - NDC Security 2026
▶︎

Attacking AI - Jason Haddix - NDC Security 2026

DEF CON 33 - Kill List: Hacking an Assassination Site on the Dark Web - Carl Miller, Chris Monteiro
▶︎

DEF CON 33 - Kill List: Hacking an Assassination Site on the Dark Web - Carl Miller, Chris Monteiro

Exploit Prediction Scoring System (EPSS) - The User Guide - Chris Madden
▶︎

Exploit Prediction Scoring System (EPSS) - The User Guide - Chris Madden

Keynote: After the AI Hype – What’s Real, and What’s Next - Richard Campbell - 2026
▶︎

Keynote: After the AI Hype – What’s Real, and What’s Next - Richard Campbell - 2026

Billionaire's WARNING: I'm SELLING. The Crash Is Already Here!
▶︎

Billionaire's WARNING: I'm SELLING. The Crash Is Already Here!

DEF CON 33 - Preventing One of The Largest Supply Chain Attacks in History -  Maksim Shudrak
▶︎

DEF CON 33 - Preventing One of The Largest Supply Chain Attacks in History - Maksim Shudrak

Turing Award Winner: Disagreeing with Google, Postgres, Future Problems | Mike Stonebraker
▶︎

Turing Award Winner: Disagreeing with Google, Postgres, Future Problems | Mike Stonebraker

What is Exploit Prediction Scoring System (EPSS)?
▶︎

What is Exploit Prediction Scoring System (EPSS)?