Data Sources & Credits

Attributions & Credits

We gratefully acknowledge the organisations and projects whose work, data, and research help power the Precursor Intelligence platform.

Data Sources & Organisations

NVD

NIST National Vulnerability Database (NVD)

We use the U.S. National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) as a core source for CVE, CVSS, CPE, and related vulnerability metadata in our platform.

This product uses the NVD API but is not endorsed or certified by NIST or the NVD.

EPSS

FIRST Exploit Prediction Scoring System (EPSS)

We incorporate EPSS probability scores from FIRST to provide an estimate of the likelihood that a vulnerability will be exploited in the wild, helping users prioritise remediation beyond static severity scores.

EPSS data is provided by FIRST. This product is not endorsed by FIRST.

KEV Catalog

CISA Known Exploited Vulnerabilities (KEV) Catalog

We reference the Cybersecurity and Infrastructure Security Agency (CISA) Known Exploited Vulnerabilities Catalog to highlight vulnerabilities that are known to be actively exploited and to support risk-based prioritisation.

Data from the KEV Catalog is provided on an ā€œas isā€ basis. CISA does not endorse Precursor Intelligence.

MITRE ATT&CKĀ®

MITRE ATT&CKĀ® Framework

We map threat actor behaviour and detection content to the MITRE ATT&CKĀ® framework to provide a common language for tactics and techniques across our threat and detection features.

Ā© 2025 The MITRE Corporation. MITRE ATT&CKĀ® and ATT&CKĀ® are registered trademarks of The MITRE Corporation.

Atomic Red Team

Atomic Red Team

We reference Atomic Red Team tests from Red Canary to help users emulate adversary techniques and validate their detection coverage against techniques mapped to MITRE ATT&CKĀ®.

Copyright Ā© Red Canary, Inc. Used under the terms of the MIT License.

MalwareBazaar SSLBL ThreatFox

abuse.ch Ecosystem (MalwareBazaar, SSLBL, ThreatFox)

We use data from the abuse.ch projects MalwareBazaar, SSLBL, and ThreatFox to enrich malware and indicator-of-compromise (IoC) intelligence within our Threat Intelligence features.

Data from abuse.ch is provided on an ā€œas isā€ basis. According to the project documentation, data is free for both non-commercial and commercial use.