With the successful rollout of API Discovery to clients in early 2020, we wanted to start publishing and discussing some of the long-term work that the Edgescan teams are working toward.
All Edgescan teams have expanded in the last year, with our biggest headcount increases being in our development and operations teams. The benefits of hiring the most interesting and exciting builders and breakers, is they create (and break) the most interesting and exciting technologies, so let’s talk about it.
The aim of this blog post is to give you a short summary of some of the ongoing work, and some of the projects that are expected to be rolled out in the coming year.
|Scanning Technology Upgrade|
|Timeline – Ongoing|
|What we are working on. We have an industry-leading assessment platform; we are pushing this bar out even further with some new spidering/crawling capabilities which will provide a much deeper and accurate level of crawling on all technologies and significantly improve client-side web application results.
To add to that we are improving our full-stack orchestration technology, this is the technology that controls our crawlers/scanners. This will ultimately lead to shorter scan times and more detail available via the platform & API. Launch starting August 2020 and first phase will be completed by December 2020.
A significant amount of our development time will as always go into scanning technology. Below are further upgrades.
|Single-Sign On (SSO).|
|Timeline – March 2020|
|With more organisations utilising SSO services, we are expanding our support for supported services.
Current supported include:
Contact your Edgescan sales representative if you would like to enable SSO within your organisation. Contact Us
|Timeline – May 2020|
For a more comprehensive introduction to API Discovery please see our product data sheet.
|Timeline – December 2020|
|Organisation Setting & Configuration|
|Timeline – March 2021|
|Manage your assets and users more effectively by splitting them into logical organisations to match the structure of your business units or functions.
This will enable our users to have more granular control over their assets and organisations as well as enabled nesting organisations for those tricky M&A use-cases.
|Timeline – April 2021|
|To build on work completed in 2019, where we have rolled out further license visibility in the platform.
This is part of a larger piece of work that has been happening in the background. Success criteria for this project is to ensure that clients have full visibility over all the testing & assessments we are performing and making sure license ‘utilisation‘ KPIs are front and centre.
|Reporting – Compliance and Benchmarking|
|Timeline – Ongoing|
As you may have seen, CIS alignments and controls have been rolled into the definitions. This will allow CIS benchmark reporting and further telemetry for vulnerability data.
Currently only available for enterprise client. Quarterly reports give our clients an indication of time and effort saved by utilising the Edgescan service.
We have completed three minor sprints this year for PCI reporting. This expanded our reporting capabilities adding in more supported formats, enabled historical reporting so you can benchmark current PCI results vs previous and streamlined disputes resolution allowing more detailed reporting.
Compliance and regulation information available here.
|Timeline – June 2021.|
|To further streamline the onboarding of assets in Edgescan, we have built out our API to make it as simple as ever for organisations to get their assets created and testing started. With the addition of new swagger locations and API calls it has never been easier to get testing lined up.
When the UI work is completed on the main frontend, the next piece of technology to incorporate is the onboarding application.
|Integrations 2021 and beyond.|
|Further integration work, in 2020 we’ve added risk correlation tool (RiskSense), automation technology (Axonius), we plan on expanding integrations and technology partnerships:
We will have individual blog posts about further integrations as they are rolled out.
We hope this gave you a bit of insight into our exciting plans for the next few months. If any of the above have prompted questions please get in contact with your Edgescan sales representative. As ever, we are more than happy to discuss any features you would like included.
Product Architect, Edgescan
Marketing Executive of Edgescan