Vulnerability management is an essential piece of the data security puzzle, but traditional solutions rely too heavily on automation alone.

Deployed as a SaaS (software as a service) solution, edgescan delivers an innovative 'bionic' defence that combines machine automation with human intelligence. This two-fold approach allows it to automate common, repetitive tasks, but bring human decision-making to more complex duties, such as vulnerability validation, risk assessment and prioritisation.

It has impeccable credentials, as edgescan is an approved scanner for PCI regulatory compliance. It also claims to be the only vulnerability management vendor that has Crest and ISO27001 certification for its penetration testing services.

Deployment is swift, as edgescan is completely agent-less and requires no on-premises scanners, as everything is run from the cloud. If internal scanning is required, edgescan deploys a temporary jump-box as a virtual machine that provides a secure VPN connection to the customer network.

Onboarding is equally pain-free, as the customer fills in a form declaring the assets they want protected. These range from network devices, applications and APIs to literally anything with an IP address that could be exposed.

edgescan's full stack vulnerability management allows it to scan at the network and application layers. This full visibility across the entire infrastructure and applications does away with the need for more costly point solutions.

Its hybrid approach puts a human behind every scan, as edgescan security experts monitor all results, validate vulnerabilities, apply risk ratings and push this information to the portal for further action. This is where edgescan's 'bionic defender' scores over automation-based solutions, as it removes false positives and negatives and only presents real threats.

The portal dashboard opens with graphs that can be customised to show areas such as risks over time and vulnerabilities by risk rating. From the metrics window, you can see what assets are compromised, remediation task status, how quickly patches are being deployed and their success rate, and how your security posture is faring over time. You can view the status of scanned assets, see vulnerability trends for each one and tag them, which allows integrations into CMDBS, WAFs and, if it has a RESTful API, any third-party solution such as SIEM, GRC and help-desk systems.

A schedule for each asset shows when the next scan will occur and edgescan allows customers to retest an asset on demand. Unlike solutions that charge per scan, an edgescan licence lets them do this as often as they wish, making it a great tool for instant spot checks on remediation tasks.

The edgescan asset profiler continuously scans the network, and highlights exposed IP addresses, ports and services. The Hosts page is of particular interest to edgescan's security experts, as they can quickly identify threats that present possible entry points for new vulnerabilities, alert customers and help them close security holes.

In fact, edgescan comes into its own here, as help is on hand at all stages. Detected vulnerabilities are shown in the web portal and accompanied by sage advice on fixing them; but, if a customer has any issues understanding the threat, edgescan will personally guide them through the remediation process.

edgescan's licence plans make it highly scalable and value looks even better, as it is licensed by IP address blocks and not per address. By bringing the human element into the equation, edgescan takes vulnerability assessment and management to the next level - and blows away the smokescreen of false positives.

Product: edgescan
Supplier: edgescan
Telephone: +44 (0) 203 769 0963
Web site: www.edgescan.com