Interactive Tool · TRIS v2

Test Your Vulnerability.
See What TRIS v2 Changes.

Plug in the details of any vulnerability and see how TRIS v2 scores it across twelve intelligence layers. Watch CVSS and TRIS v2 diverge when context enters the picture.

Vulnerability Inputs
Foundational · Layers 1-3
CVSS Base Score 7.5
NVD severity. 0 none, 10 maximum theoretical impact.
EPSS Probability 0.65
FIRST.org exploitation prediction. Probability of exploitation in next 30 days.
CISA KEV Status
Confirmed active exploitation in the wild.
Contextual · Layers 4-7
Threat Actor Targeting
Is a known APT group actively using this CVE against your sector?
Asset Criticality
Public Exposure
BASzy Validation
Does the attack actually work against your environment right now?
Novel v2 Layers · 8-12
Attack Path Blast Radius 47
Number of downstream assets reachable through lateral movement.
Supply Chain Depth
How deep does the vulnerable component sit in your SBOM?
Defense Efficacy (ATT&CK coverage) 31%
Percentage of exploitation-chain techniques your controls cover.
Threat Trajectory
Is exploit activity increasing, stable, or decreasing week over week?
Expected Financial Impact (USD) $1.94M
FAIR-based expected loss. Primary, secondary, and productivity combined.
Try a Preset Scenario
TRIS v2 Score
94/100
ACT
CVSS-Only
7.5
Fix Second
TRIS v2
94
Fix First
Layer Contributions
L1 CVSS
75
L2 EPSS
65
L3 KEV
100
L4 Threat Actor
100
L5 Asset
100
L6 Exposure
100
L7 BASzy
100
L8 Attack Path
47
L9 Supply Chain
100
L10 Defense
69
L11 Trajectory
100
L12 Financial
70
TRIS v2 Analysis

Active exploitation, APT targeting, crown jewel exposure, and accelerating trajectory make this an immediate fix. CVSS underestimates because it only sees severity.

Score your real scan data. Request a demo →

This is a simplified demonstration. Real TRIS v2 uses proprietary weights and diminishing-returns functions documented in the white paper.