Edgescan Product Strategy

To add to that we are improving our full-stack orchestration technology, this is the technology that controls our crawlers/scanners. This will ultimately lead to shorter scan times and more detail available via the platform & API. Launch starting August 2020 and first phase will be completed by December 2020.

A significant amount of our development time will as always go into scanning technology. Below are further upgrades.

• New Single-Page application scanning – new JavaScript parsing engine being implemented.  Beta rollout 2020.
• API crawling and scanning upgrades – swaggers and API descriptor files can already be stored against your asset in Edgescan. We are building out on this. Expected January 2021.
• Network scanning upgrades – with ~90,000 unique vulnerability tests, we plan to increase our coverage, efficiency and decrease time from new exploit discovery to when Edgescan is testing for this new finding. Expected December 2020.

• Okta
• Onelogin
• Ping Identity
• Auth0
• G Suite
• Azure AD

Contact your Edgescan sales representative if you would like to enable SSO within your organisation. Contact Us

• Edgescan’s API Discovery service monitors your organizations external infrastructure for exposed API’s, both known and unknown. Our exploration techniques are lightweight, non-destructive, run continuously, and provide a confidence level with each finding so you can perform immediate risk triaging.
• Edgescan provides a read-only data stream that is available through our web platform and the Edgescan API hosts endpoint. No configuration is needed!

For a more comprehensive introduction to API Discovery please see our product data sheet.

• We sent an RFI out to 10 exciting design studios in Ireland in November 2019. This was a long-term project for us as we understood we have the security, operations and development skillset, but we lacked the design experience that could really push our UI to the forefront of this industry.
• We engaged with Design Partners to give our platform a ‘facelift‘ which will be rolled out to all clients before the end of 2020.
• We are really excited about this and it represents our first time engaging with external designers in a project of this size, we hope you like what you see.

This will enable our users to have more granular control over their assets and organisations as well as enabled nesting organisations for those tricky M&A use-cases.

This is part of a larger piece of work that has been happening in the background. Success criteria for this project is to ensure that clients have full visibility over all the testing & assessments we are performing and making sure license ‘utilisation‘ KPIs are front and centre.

• CIS Benchmarking – October 2020.

As you may have seen, CIS alignments and controls have been rolled into the definitions. This will allow CIS benchmark reporting and further telemetry for vulnerability data.
This is a follow-up to the CVE and CWE information that was added into vulnerability definitions in 2019 and 2020.

• Quarterly stats reports – June 2021

Currently only available for enterprise client. Quarterly reports give our clients an indication of time and effort saved by utilising the Edgescan service.
We would like to make this service available to all users.

• Further ASV & PCI Reporting – April 2020 and August 2020.

We have completed three minor sprints this year for PCI reporting. This expanded our reporting capabilities adding in more supported formats, enabled historical reporting so you can benchmark current PCI results vs previous and streamlined disputes resolution allowing more detailed reporting.

Compliance and regulation information available here.

When the UI work is completed on the main frontend, the next piece of technology to incorporate is the onboarding application.

• Into automation tools such as Zapier, Sentinel & additional CI/CD tooling.
• Into asset/risk management tooling such as ServiceNow & RSA Archer.
• Into cloud services such as AWS, Azure and GCP.

We will have individual blog posts about further integrations as they are rolled out.