Eoin & The Security

Making a "dent" in the Universe.... We like to think we "move the dial" and have a positive impact for our clients at edgescan. Our combination of technology and expertise helps our clients very quickly prioritize and focus on vulnerabilities which matter.  Realistically as a managed vulnerability intelligence service we do the "heavy lifting" so our partners and clients can work on remediation and improvement coupled with on-going situational awareness. We put together a short video to explain this a little better, Hope you like it.

Vulnerability Management Automation = Good or Bad and for Whom? Do we believe "highly automated security services" are a good thing? Where does automation work and where does it fall short? The Good: Scale Security Automation can deliver thousands of assessments, on-demand and scale to extremely large estates which require vulnerability management on a regular basis. "Low hanging fruit" can be easily detected but at times Risk can be inaccurate which affects prioritization.  Automation still needs to be tuned such that its production safe and does not negatively affect the asset being assessed.  Automation can be challenging in relation to authenticated assessments and even more so when multi-factor authentication is used by the asset. Metrics Frequent or on-demand assessments via automation can assist in the provision of ongoing metrics.  We can measure TTR (Time To Remediation), Identify most common vulnerabilities, Assist with Root-cause an...

Measure, so we can improve. Its been a while since I've blogged anything due to lack of anything meaningful to say or the fact that few people actually want to listen :) but anyways... I've been working on the 2019 edgescan Vulnerability Stats report which always gives me joy as I find it very interesting to see a real picture of the vulnerability landscape based on the clients we humbly serve via our edgescan SaaS. Currently we assess thousands of web applications and hundreds of thousands of endpoints, all under continuous/on-demand cyber security assessment.  Industries such as finance, government, media, pharma, retail, energy, legal all served by our SaaS but the result makes for some good reading when you look into the statistics of vulnerability. App layer is where the risk lives: In 2018 we discovered that on average, 19% of all vulnerabilities were associated with (Layer 7) web applications, API’s, etc., and 81% were network vulnerabilities. The Risk ...