Cyber Incident? Get Help

Coalition Releases Security Vulnerability Exploit Scoring System

Coalition ESS Uses AI to Generate Dynamic Risk Scores to Help Organizations Mitigate Their Most Critical Risks Faster

SAN FRANCISCO — June 15, 2023 — Coalition, the world's first Active Insurance provider designed to prevent digital risk before it strikes, today announced the Coalition Exploit Scoring System (Coalition ESS), a unique vulnerability scoring system that helps risk managers mitigate potential cyber threats. Developed by Coalition Security Labs, the company’s research and innovation center, Coalition ESS is a security risk prioritization scoring system that leverages real-time monitoring and dynamic scoring to enable businesses of all sizes to efficiently understand which vulnerabilities to patch first. 

“In cybersecurity, timing is everything. Thousands of new vulnerabilities are published monthly, and it’s nearly impossible for IT and security teams to quickly understand and address them all. Defenders need a more efficient way to sift through the noise and prioritize which vulnerabilities to remediate,” said Tiago Henriques, Coalition’s Head of Security Research. “With Coalition ESS, they have an early source of truth to evaluate which risks to prioritize mitigating before an incident occurs.”

Coalition ESS leverages artificial intelligence and large language modeling to scan the descriptions used within newly released CVEs (Common Vulnerabilities and Exposures) and compares them to previously published vulnerabilities to predict the likelihood of exploitability. The result is two probability scores: the Exploit Availability Probability, or the likelihood that code for an exploit will be publicly available, and the Exploit Usage Probability, or the likelihood that threat actors will use an exploit to execute an attack. These scores combined give security managers and IT professionals a prioritization list outlining which vulnerabilities pose the greatest threat, saving time and resources in an otherwise arduous decision-making process. 

Coalition ESS scores are dynamic, responding to changes in available exploit information, unlike the scores derived from the Common Vulnerability Scoring System (CVSS). Coalition ESS scores are available up to one week from the initial vulnerability announcement, unlike other systems where scoring a vulnerability can take anywhere from one week up to one month.

“We created Coalition ESS to prioritize our own vulnerability management efforts as we are often the first line of defense for hundreds of thousands of assets of our customers at scale. We use ESS to evaluate and notify our policyholders about which vulnerabilities have the highest potential to negatively affect them and, today, are releasing it to the broader community,” continued Henriques. 

Coalition ESS is available today for public use at: To learn more about Coalition’s cybersecurity research and innovation center, Security Labs, visit:

About Coalition

Coalition is the world's first Active Insurance provider designed to help prevent digital risk before it strikes. By combining comprehensive insurance coverage and cybersecurity tools, Coalition helps businesses manage and mitigate digital risks. Coalition offers its Active Insurance products in the U.S., U.K., and Canada through relationships with leading global insurers, as well as cyber capacity through its own carrier, Coalition Insurance Company. Coalition's Active Risk Platform provides automated security alerts, threat intelligence, expert guidance, and cybersecurity tools to help businesses worldwide remain resilient against cyber attacks. Headquartered in San Francisco, Coalition is a distributed company with a global workforce that collaborates digitally and in office hubs.

Insurance products are offered by Coalition Insurance Solutions Inc. (“CIS”), a licensed insurance producer and surplus lines broker with its principal place of business in San Francisco, CA (Cal. license #0L76155),  acting on behalf of a number of unaffiliated insurance companies and available on an admitted basis through Coalition Insurance Company (“CIC”) a licensed insurance underwriter (NAIC #29530). Insurance products offered through CIS and CIC may not be available in all states. CIS may receive compensation from an insurer or other intermediary in connection with the sale of insurance. All decisions regarding any insurance products referenced herein, including approval for coverage, premium, commission, and fees, will be made solely by the insurer underwriting the insurance under the insurer’s then-current criteria. All insurance products are governed by the terms, conditions, limitations, and exclusions set forth in the applicable insurance policy. Please see a copy of your policy for the full terms, conditions, and exclusions. Copyright © 2023. All rights reserved. Coalition and the Coalition logo are trademarks of Coalition, Inc. or its affiliates.