Founder, Partner and Data Scientist at Cyentia Institute. EPSS Author, first.org/epss and Co-author of Data-Driven Security amzn.to/ddsec;
Joined May 2008
- Tweets 4,121
- Following 563
- Followers 3,441
- Likes 1,376
188 Photos and videos
Pinned Tweet
18 Jul 2023
Have you wondered how Elon's takeover of Twitter will or has affected cyber security discussions?
I've been tracking CVE (vulnerability) discussions on twitter for two years now and the recent trend makes me question the future of "infosec twitter". #CVE
cyentia.com/the-death-of-inf…
31
87
236
93,514
10 Mar 2023
I deny any responsibility.
The only wave I’ve brought is a wave of confusion when people mistake me for some politician.
1
3
754
1 Mar 2023
We've been working hard on EPSS and the next version is going live in one week on March 7th, expect the scores to shift around a bit. Details on our process: arxiv.org/abs/2302.14172 and performance is vastly improved as we continue to expand data partners!
9
14
1,989
jayjacobs retweeted
15 Nov 2022
Doing anything at 11ET today? How about joining me and @wendynather for an encore presentation of our 2022 RSA Conference talk for tips on measurably improving infosec programs. rsaconference.com/library/to…
2
3
19 Aug 2022
And I stand by it.
19 Aug 2022
"It controls the randomness so it is not overly random." - @jayjacobs, explaining something I will never understand.
2
Looking forward to our Thursday panel on risk based vuln management with @allanfriedman, @jayjacobs, @mroytman & @JGamblin.
9 Aug 2022
Planning your #BHUSA schedule? Here’s what you need to know 👉
kennasecurity.com/black-hat-…
6
10
9 Jun 2022
Tell him his mom says hi.
7
13 May 2022
While I appreciate all constructive feedback, I imagine you meant to tag @JayJacobs28.
1
27 Apr 2022
Sasha put a lot of work into making the EPSS API a reality. Current and historical EPSS scores are now available on demand!
27 Apr 2022
Super happy to announce that the #EPSS API is now live! Please see first.org/epss/api for examples and more documentation. For example…
1
jayjacobs retweeted
21 Apr 2022
Join us at #SiRAcon22 where @jayjacobs will discuss a different approach, the Exploit Prediction Scoring System (EPSS), that improves measurement by collecting real-world data, using modern analysis, and mixing with domain expertise.
More Info here: societyinforisk.org/SIRAcon2…
2
2
1 Apr 2022
Best job ever.
1 Apr 2022
It's our birthday!
Some may wonder why we'd start a company on April Fool's. Cyentia is a portmanteau of scientia (latin for “knowledge”) & "cyber." Our goal is to counter the widespread foolishness that plagues the cybersecurity industry with data-driven research. So it fits :-)
4
3 Mar 2022
This isn't another post about Log4Shell. Instead it's about what Log4Shell can teach us about the Exploit Prediction Scoring System (EPSS) first.org/epss/log4shell
7
11
28 Feb 2022
Looking forward to this discussion tomorrow. Have questions about EPSS? the data behind it? Join us tomorrow!
1
2
jayjacobs retweeted
23 Feb 2022
Anytime I hear superlatives like "worst vuln in recent history" my skepticalometer goes off. Heard that a lot in ref to Log4j and this chart from Fortinet 2H 2021 report seems to back it up. Log4j is like "Aw -Keep pushing Struts; you'll make it to the Big Leagues one day..."
1
1
14 Feb 2022
"EPSS v2 is out!" I wrote up a brief history of how the objectives of EPSS have shifted with this release: cyentia.com/epss-version-2-i…
8
16
jayjacobs retweeted
4 Feb 2022
EPSS v2 is the most important work done in the vulnerability world in the past 10 years. Free and open science to replace dogma:
4 Feb 2022
You better look both ways because the Exploit Prediction Scoring System v2 #model is coming in hawt: sbee.link/c6wj7ym8va
#EPSS #zoolander
2
6
11
4 Feb 2022
Updated model released for the Exploit Prediction Scoring System #EPSS improved performance and 168,325 CVEs scored today. first.org/epss/model
1
6
14