INTERACTIVE TOUR
REQUEST DEMO
Go to my account
Search
Search
10th Edition of the 2025 Vulnerability Statistics Report available now!
GET REPORT

Licenses for Edgescan Solutions

The Platform that gives you continuous security testing, validated risk and proven exploits that will 100% improve your exposure management program.

All core licenses include:​
  • 100% vulnerability validation – no false positives
  • Unlimited automated assessments
    (network scans and DAST (Application and/or API))
  • Unlimited retesting of vulnerabilities
  • Expert remediation guidance
  • Premium support from FTE security (OSCP/CREST) experts
  • Prebuilt and custom RESTful API Integrations
  • Unlimited role-based user accounts
  • Unlimited, on-demand, customized reporting CISA KEV and EPSS correlation of applicable vulnerabilities

Types of Assets Discovered and Protected by the Edgescan Platform

Application Examples

Web applications (authenticated and unauthenticated), API’s (JSON, XML, WSDL, YAML and Graph), microservice architecture, single page applications, mobile applications.

Network Asset Examples

Servers, routers, switches, firewalls, domain controllers, data center, desktops (any layer 2 and layer 3 devices), printers, cloud assets, container hostnames, IOT and anything that has an IP address which is visible to Edgescan. Single IP’s, hostnames, blocks, CIDR and IPV6 are all supported. 

Edgescan Licenses

Core Value: Discovery of all internet-facing assets associated to a domain, and continuous monitoring of defined external IP range(s)
Edgescan Solutions: External Attack Surface Management, API
Security Testing: Security Coverage: Domains and external IP ranges. 

Internet discovery for a primary domain including, but not limited to, subdomains, internet records, registrants, and services. Continuously assesses and alerts users about network changes and APIs discovered in their defined external attack surface. 

Core Value: Provides continuous vulnerability scanning across your network and peripherals
Edgescan Solutions: Risk-based Vulnerability Management
Security Coverage: Networks and infrastructure

Includes network vulnerability scanning of network assets (i.e., servers, network devices (i.e., routers, switches, firewalls, etc.), peripherals (such as IP-based printers or fax machines), and workstations), with a 100% validated result.

Core Value: Dynamic Application Security Testing providing an accurate snapshot of your overall security posture using a hybrid approach of proprietary scanning technology, automation, and human expertise.
Edgescan Solutions: Application Security Testing
Security Coverage:  Web applications, network, APIs, cloud

• Includes network vulnerability scanning for the underlying host(s).
Unauthenticated application and network layer automated test with 100% validated results
• Unlimited automated testing; User accounts and reporting 

Core Value: Provides accurate assessments of your authentication enabled applications across your entire IT enterprise utilizing dynamic application security testing
Edgescan Solutions: Risk-based Vulnerability Management, API Security Testing, Application Security Testing
Security Coverage: Web applications, network, APIs, Cloud

• Provides the same level of service as outline above and in the Essentials License
Authenticated Application and network layer testing automated test with 100% validated results.
• Integrations: ServiceNow, MS Teams, Slack integrations, custom events and notifications, etc. 

Core Value: Provides accurate business logic assessments of your most complex applications while prioritizing vulnerabilities and providing remediation guidance across the enterprise
Solutions: The entire suite of Edgescan solutions is used by certified security experts.
Security Coverage: Web applications, network, APIs, cloud, networks and infrastructure

• Provides the same level of service as outline above and in the Professional License
• Authenticated application Pen testing as a Service (PTaaS), network layer testing, and risk-based vulnerability management
• Human analysis provides a deeper level of testing to a Host/Server or Professional License by including a penetration test or business logic assessment (BLA). Testing is performed by full-time Edgescan employees who are a team of certified OSCP/CREST security experts. Includes network vulnerability management for the underlying host(s) (if applicable). 

Additional Services and Add-ons

Host/Server or Professional, plus quarterly (4) penetration tests or Business Logic Assessments (BLAs) performed by Edgescan’s FTE team of certified OSCP/CREST security experts. 

Any level of service can be upgraded to an Advanced license, or a second penetration test or Business Logic Assessment (BLA) performed by Edgescan’s FTE team of certified OSCP/CREST security experts can also be added to an existing Advanced license to add additional penetration tests. 

A bespoke virtual appliance that allows for access to internal infrastructure, acting as one endpoint of a Virtual Private Network (VPN).  Edgescan deploys a dedicated corresponding endpoint (called Cloud Control) within a private Virtual Private Cloud (VPC in your cloud provider) to provide a strongly encrypted end-to-end tunnel between the applicance and the Edgescan Platform. 
Approved Scanning Vendor service to satisfy PCI-DSS compliance needs pertaining to vulnerability scanning, penetration testing, and reporting.

Combination of a single native device/forensic analysis test of a mobile application performed by Edgescan’s FTE team of certified OSCP/CREST security experts.  Additionally, an Advanced license is applied to the underlying iOS or Android API.

If access to 24/7 emergency escalations or premium support is required outside of traditional business hours, Edgescan can accommodate.

Dedicated account concierge who assists in achieving operational readiness across the enterprise. Edgescan is easy to set up and maintain out of the box; however, a Technical Account Manager is often recommended for teams that need to improve their security posture quickly, are going through a digital transformation effort, are short-staffed, or have particularly complex environments.

Integrations

All tiers of Edgescan come with our full suite of integrations, click here to review the list.

Click Here

Contextualized
Risk Scoring

Risk prioritization with traditional and proprietary (EXF) scoring systems.

CLICK HERE

Certified Security Professionals

Edgescan Security Experts (OSCP/CREST) are FTEs able to provide consultancy-grade penetration tests and Business Logic Assessments (BLAs) (PTaaS) to critical assets.

CLICK HERE

Contact us for more information on how Edgescan can help secure your business.

Contact Us

Vulnerabilities Discovered by Edgescan

Our hybrid process of advanced scanning automation and cyber analytics combined with human intelligence is what differentiates us from scanning tools and traditional pen testing services.
  • All OWASP Top 10 vulnerabilities
  • Application framework – known vulnerabilities (spring / struts / zend/ django/ .net, etc.)
  • Autocomplete attribute
  • Buffer overflow
  • Content spoofing / HTML hacking
  • Cookie access control
  • Cross site scripting (XSS) –reflected / stored
  • Data / information leakage
  • Directory indexing
  • DOM XSS
  • File path traversal
  • HTTP caching control
  • HTTP header injection
  • HTTP only session cookie
  • HTTP response smuggling
  • HTTP response splitting / pollution
  • Improper input handling
  • Improper output encoding / content type encoding
  • Improper file system access control
  • Insufficient SSL / TLS / transport layer protection
  • Integer overflows
  • LDAP injection
  • OS command injection
  • Persistent session cookie
  • Remote file inclusion (RFI)
  • SANS Top 25 Software Errors
  • Server-side injection
  • SQL injection: error based, time based, Boolean conditional, MySQL, MSSQL, Oracle, etc.
  • Unsecured session cookie
  • URL redirect security
  • XML attribute security, XML external entities
  • XML injection and schema security
  • XPath injection