git.stella-ops.org/src/Policy/__Libraries/StellaOps.Policy.Determinization/Evidence/EpssEvidence.cs

using System.Text.Json.Serialization;

namespace StellaOps.Policy.Determinization.Evidence;

/// <summary>
/// EPSS (Exploit Prediction Scoring System) evidence.
/// </summary>
public sealed record EpssEvidence
{
    /// <summary>
    /// CVE identifier.
    /// </summary>
    [JsonPropertyName("cve")]
    public required string Cve { get; init; }

    /// <summary>
    /// EPSS score [0.0, 1.0].
    /// Probability of exploitation in the next 30 days.
    /// </summary>
    [JsonPropertyName("epss")]
    public required double Epss { get; init; }

    /// <summary>
    /// EPSS percentile [0.0, 1.0].
    /// </summary>
    [JsonPropertyName("percentile")]
    public required double Percentile { get; init; }

    /// <summary>
    /// When this EPSS value was published (UTC).
    /// </summary>
    [JsonPropertyName("published_at")]
    public required DateTimeOffset PublishedAt { get; init; }

    /// <summary>
    /// EPSS model version.
    /// </summary>
    [JsonPropertyName("model_version")]
    public string? ModelVersion { get; init; }

    /// <summary>
    /// Convenience property returning the EPSS score.
    /// Alias for <see cref="Epss"/> for API compatibility.
    /// </summary>
    [JsonIgnore]
    public double Score => Epss;
}