Explore the problem of predicting which software vulnerabilities will be exploited in this 21-minute conference talk from USENIX Enigma 2019. Delve into research findings based on data from 10 million hosts, uncovering insights on the global impact of vulnerabilities and on exploitation trends. Learn why the fraction of vulnerabilities that are exploited is decreasing even as the rate at which vulnerabilities are discovered grows, and why popular vulnerability metrics such as CVSS scores correlate poorly with real-world exploits. Discover how combining technical vulnerability characteristics, social media information, and patching rates can produce predictive models for assessing exploitation risk. Gain practical knowledge on objectively evaluating defensive technologies, determining the biggest security risks, and applying data-driven approaches to cybersecurity decision-making and policy formulation.
How to Predict Which Vulnerabilities Will Be Exploited - Tudor Dumitras - USENIX Enigma Conference - 2019