Securing the Web-Facing perimeter for a Telecommunication Enterprise

The scope of this engagement consisted of delivering continuous vulnerability management of 450 web applications and 12 thousand servers distributed across the globe for a global telecom manufacturer and operator based in the USA.

• The client company required a continuous assessment of its entire global Internet facing cyber-estatein order to detect current security issues and detect new issues into the future.
• The client required a false positive free list of actionable findings which they could simply assign and fix.
• They required the assessment to continue to assess the sites so they could track progress andmitigation of discovered security risks.

Onboarding

The onboarding phase consisted of validating each site and server for stability and criticality such that the continuous assessment could provide coverage and depth of testing as expected. Once an application is onboarded technical assessment can commence and the application is subject to technical security assessment on an ongoing basis.

Continuous Assessment

Edgescan provided continuous vulnerability assessment on an ongoing basis for the 450 web applications and 12,789 IP servers under management. All of the vulnerabilities discovered were manually validated helping our client focus on issues which cause a real risk. Assessments occurred on a scheduled and an ad-hoc basis as required by the client.

Outcome

Within the first 7 days Edgescan discovered, validated and exposed 233 high-risk issues and the platform monitored the remediation process as issues were fixed then were verified and closed by Edgescan. The client could display the improvement of its security posture over time. The client could request an assessment when required to retest for vulnerabilities and achieving robust secure posture.