# EPSS Raw Feed Layer (Immutable Storage)

## Module

Policy

## Status

IMPLEMENTED

## Description

EPSS feed ingestion with CSV parsing, repository storage, and enrichment jobs. Database migrations exist for EPSS risk scores storage.

## Implementation Details

- **UnknownRanker Integration**: `src/Policy/__Libraries/StellaOps.Policy.Unknowns/Services/UnknownRanker.cs` -- uses EPSS scores in exploit pressure calculation
  - EPSS >= 0.90: +0.30 exploit pressure factor
  - EPSS >= 0.50: +0.15 exploit pressure factor
  - `UnknownRankInput.EpssScore` (decimal 0.0-1.0) feeds into scoring
- **Risk Scoring Integration**: `src/Policy/StellaOps.Policy.Engine/Scoring/` -- EPSS scores used in risk profile scoring
  - `ProfileAwareScoringService.cs` -- includes EPSS in profile-aware scoring
  - `RiskScoringModels.cs` -- risk scoring models with EPSS data
  - `RiskScoringTriggerService.cs` -- triggers re-scoring when EPSS data updates
- **RiskSimulationService**: `src/Policy/StellaOps.Policy.Engine/Simulation/RiskSimulationService.cs` -- EPSS used as a signal in risk simulations
  - Categorical signal mapping: EPSS score mapped to signal weight contributions
- **Policy Gate Integration**: `src/Policy/StellaOps.Policy.Engine/Gates/PolicyGateEvaluator.cs` -- EPSS thresholds used in gate evaluation
- **Staleness Endpoints**: `src/Policy/StellaOps.Policy.Engine/Endpoints/StalenessEndpoints.cs` -- feed staleness monitoring
- **Risk Profile Endpoints**: `src/Policy/StellaOps.Policy.Engine/Endpoints/RiskProfileEndpoints.cs` -- profiles include EPSS configuration
- **Evidence Weighted Score**: `src/Policy/StellaOps.Policy.Engine/Scoring/EvidenceWeightedScore/` -- EPSS contributes to evidence-weighted scoring

## E2E Test Plan

- [ ] Verify EPSS score (0.95) contributes +0.30 exploit pressure factor in unknown ranking
- [ ] Verify EPSS score (0.50) contributes +0.15 exploit pressure factor
- [ ] Verify EPSS score (0.10) contributes 0 exploit pressure factor (below threshold)
- [ ] Verify risk simulation includes EPSS as a signal with weight contribution
- [ ] Verify risk scoring trigger fires when EPSS data updates
- [ ] Check staleness endpoint for EPSS feed; verify freshness status is reported
- [ ] Verify evidence-weighted score includes EPSS contribution
- [ ] Verify policy gate evaluates EPSS threshold per configuration
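
The following is an added illustration, not code from `UnknownRanker.cs` or any other StellaOps source: it parses a constructed EPSS CSV sample, rejects rows outside the documented 0.0-1.0 range, and applies the two exploit pressure tiers listed above to the three scores from the test plan. The class and method names, the placeholder CVE ids, the feed layout (a `#` metadata line followed by a `cve,epss,percentile` header), and the choice to apply only the highest matching tier (inferred from the 0.95 -> +0.30 test case) are assumptions.

```csharp
using System;
using System.Collections.Generic;
using System.Globalization;

public static class EpssPressureExample   // hypothetical name, not a StellaOps type
{
    // Tiered mapping from the page: >= 0.90 -> +0.30, >= 0.50 -> +0.15, else 0.
    // Assumption: only the highest matching tier applies (tiers are not summed).
    public static decimal ExploitPressureFactor(decimal epss) =>
        epss >= 0.90m ? 0.30m : epss >= 0.50m ? 0.15m : 0m;

    // Parses EPSS CSV rows, skipping the '#' metadata line and the header.
    // Rows with a non-numeric or out-of-range score are collected in 'rejected'
    // instead of being scored, so bad feed data cannot inflate exploit pressure.
    public static Dictionary<string, decimal> Parse(IEnumerable<string> lines, List<string> rejected)
    {
        var scores = new Dictionary<string, decimal>(StringComparer.OrdinalIgnoreCase);
        foreach (var raw in lines)
        {
            var line = raw.Trim();
            if (line.Length == 0 || line[0] == '#' ||
                line.StartsWith("cve,", StringComparison.OrdinalIgnoreCase))
                continue;
            var cols = line.Split(',');
            if (cols.Length >= 2
                && decimal.TryParse(cols[1], NumberStyles.Float, CultureInfo.InvariantCulture, out var epss)
                && epss >= 0m && epss <= 1m)
                scores[cols[0]] = epss;
            else
                rejected.Add(line);
        }
        return scores;
    }

    public static void Main()
    {
        // Constructed sample feed; CVE ids, version and date are placeholders.
        var feed = new[]
        {
            "#model_version:v0000.00.00,score_date:2000-01-01T00:00:00+0000",
            "cve,epss,percentile",
            "CVE-0000-0001,0.95000,0.99000",      // test plan case: +0.30
            "CVE-0000-0002,0.50000,0.97000",      // boundary case:  +0.15
            "CVE-0000-0003,0.10000,0.90000",      // below threshold: 0
            "CVE-0000-0004,1.70000,0.50000",      // out of range, rejected
            "CVE-0000-0005,not-a-number,0.50000"  // malformed, rejected
        };
        var rejected = new List<string>();
        foreach (var (cve, epss) in Parse(feed, rejected))
            Console.WriteLine($"{cve} epss={epss} factor=+{ExploitPressureFactor(epss)}");
        Console.WriteLine($"rejected rows: {rejected.Count}");
    }
}
```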