See a 10-minute overview of the platform.

Search
Search

Case Studies

Online gaming

Services:

Vulnerability Management & PTaaS

Online gaming

Securing Agile Web app environments

The scope of this engagement consisted of delivering continuous vulnerability management of 100+web applications deployed by a online gaming company

  • The client company required a continuous assessment of its entire global external attack surface in order to detect current security issues and detect new issues into the future.
  • The client required an authenticated assessment  to simulate an attacker with valid credentials on both desktop and mobile web applications.
  • The client required a false positive free list of actionable findings which they could simply assign and fix.
  • They required the assessment to continue to assess the sites so they could track progress and mitigation of discovered security risks.
  • The client required API and Jira plugins in order to integrate the Edgescan verified vulnerability data directly their systems
  • The client required retest on demand capability where required and also alerting of any new high risk issues discovered.

Onboarding

The onboarding phase consisted of validating each site and server for stability and criticality such that the continuous assessment could provide coverage and depth of testing as expected. Once an application is onboarded technical assessment can commence and the application is subject to technical security assessment on an ongoing basis.

Continuous Assessment

Edgescan provided continuous authenticated vulnerability assessments on an ongoing basis for the 100+web applications under management

All of the vulnerabilities are rated for risk and manually validated to help prioritize remediation ensuring critical exposures are fixed first

Assessments occurred on a scheduled and an ad-hoc basis as required by the client.

The assessment included the mobile sites offered by the client.

Outcome

Within the first 7 days Edgescan discovered, validated and published 55 high risk issues on the clients Edgescan portal. The client proceeded to fix the discovered issues over the coming months and the fixes were verified and closed by edgescan. The client could display the improvement of its security posture over time. The client could request an assessment when required to retest for vulnerabilities and maintain a secure posture.