For years Edgescan has been working with a large media conglomerate known for entering their most trusted security suppliers into bakeoffs to ensure they have a best-in-class risk posture. They have the budget and the aptitude to try any innovative solution that can help to that end. Our years of working together have shaped how Edgescan understands the challenge Enterprises face today.
The Challenge – Deliver Scale and Accuracy for Web Application Vulnerability Management (VM) Program
Fueled by growing technology adoption, the client needed to find a new solution to scale their Vulnerability Management (VM) program. Their existing solutions simply could not scale while providing accuracy with over 5000 web applications across all of their corporate entities and geographies.
Edgescan Initial Solution
Edgescan quickly established a baseline security posture for all 5000 web applications across all their business units. Within one month, Edgescan was able to demonstrate it could handle the scale while providing accuracy. As the client environments grew and more applications required scanning, the Edgescan solution continued to provide accuracy under increased loads. Previously with their existing solution and their staff manually validating the results, their team could not keep up with the number of alerts they were receiving. With Edgescan’s hybrid platform, the validation process easily kept up with the frequency of alerts.
Expanding from Web Applications to Penetration Testing
Based on the success of the Web Application Vulnerability Management solution, the client turned to Edgescan for Penetration Testing as a Service (PTaaS). They had previously struggled to effectively secure optimal penetration testing that could keep up with their expanding attack surface. They could not scale even when they engaged with third party contractors.
So Edgescan, armed with Web Application Vulnerability Management intelligence, started ranking each system in concert with the client’s business requirements. Edgescan prioritized vulnerabilities for Pen Testing that presented critical risks and were important to the organization. Because all Pen Testing and vulnerability scanning was done in one centralized platform, the client was able to effectively scale their pen testing needs as required.
Proving Value for Five Years Running
As mentioned earlier, the client has the budget and security acumen to effectively test all established and new and upcoming security tools. Basically, they can work with anyone. Each year, the Edgescan solution is placed in a head to head competition (a “bake-off”) against competitive solutions. In each of the last five years, Edgescan has conclusively won every competition and continues to hold a strategic and trusted role within the client’s overall Cyber Security Program.
Engagement Numbers
Day 1 – 4 Hours to Hack
It only took 4 hours for Edgescan to hack into the client’s system the first time.
Day 300 – 48 hours to Hack
After the Edgescan Solution was deployed, it took 48 hours to hack into their system.
5000 Web Applications
The number of web applications the Edgescan Platform scaled to without sacrificing accuracy.
24 Hours and 500 Websites
Amount of time for Edgescan to onboard 500 new websites (as opposed to weeks or months).
50% Cost Savings
Reduced the cost of pen testing by up to 50% without reducing coverage or accuracy.
2 vs 8 Staff Members
Initially, without the Edgescan Solution, the client was assigning eight members of their security team to validate automated results. With the Edgescan solution they now only assign two members and deploy the remaining six staff for strategic activities.
If you would like to learn more about scaling with accuracy, click below