How do you calculate the level of exploitability of a vulnerability?
CYE determines the exploitability of a vulnerability based on the skill and effort needed to exploit it, the availability of attack routes, how long the vulnerability has been available in public, its listing in the CVEs, the availability of a patch, and whether it is a standalone risk or part of a vulnerability chain.
We have access to this intelligence through a vetted community of over 1,000 ethical hackers. Based on their findings, we extrapolate the statistical probability of a vulnerability becoming exploited.