
Edgescan Selected As Best Vulnerability Management Solution

June 2020 by Marc Jacob

The SC Awards Europe 2020 has awarded Edgescan the Best Vulnerability Management Solution for 2020. The judges described Edgescan as a “Good all-rounder” and “A highly scalable SaaS solution with good TCO, collaboration across other tools,” concluding that it is a “valuable product that addresses major external threats and adds human context.”

Edgescan was also highly commended (I think that means we came second) in the Best Enterprise Security Solution category, and described by the judges as: “A great example of a comprehensive vulnerability management system with excellent reporting capabilities.”

Edgescan Product Review

Computing Security UK has recently published an independent review of Edgescan. According to them: "Edgescan’s full stack vulnerability management allows it to scan at the network and application layers. This full visibility across the entire infrastructure and applications does away with the need for more costly point solutions." You can access or download the entire review on the Computing Security UK website.

API Hacking For The Actually Pretty Inexperienced Hacker

If you’re thinking that hacking APIs requires specialized knowledge, think again. A simple online search for "Bug Bounty" will provide a whole range of sites and services to teach you how to get started. I have even heard that a group of retired ladies have started a "Bug Bounty" club to see if they can supplement their pensions! Unfortunately not all API hackers are nice old ladies, and increasingly, major data breaches are the result of APIs that have not been implemented correctly. Gartner is of the opinion that by 2022, “API abuses will be the most-frequent attack vector resulting in data breaches for enterprise web applications.” The following YouTube video gives some idea of how easy it has become for even inexperienced hackers to look for vulnerabilities in APIs: API Hacking For The Actually Pretty Inexperienced Hacker.

Discover Your APIs Before Attackers Discover Them

According to Gartner: "Many API breaches have one thing in common: the breached organization didn’t know about their unsecured API until it was too late. This is why the first step in API security is to discover the APIs which your organization is delivering, or which it consumes from third-parties. Mobile and web applications are a good place to start, because APIs are often used as part of modern web applications or mobile applications built with frameworks such as Angular or React. These include single page applications (SPAs) which use APIs. Another source of APIs is application integration, which increasingly involves APIs used by integration products such as ESBs and iPaaS to provide access to applications or data. This is why discovering your APIs is the first step to API Security. Your own APIs, and third party APIs. You need to know what the attack surface is before you try to defend it."

Edgescan provides API Discovery using multi-layer probing techniques, and includes:
• Multi-layer probing across IP/CIDR ranges designed to detect rogue or unknown deployed API endpoints.
• A continuous asset profiling service that allows you to understand the API topology deployed across your public Internet-facing estate.
• Cataloguing and categorization correlation technology that makes it possible to build a true inventory of APIs and exposures facing the public Internet.
• A discovery process that runs continuously across your entire estate, 24x7x365, and alerts you when a newly discovered API has been detected.
If you are curious to know what you have exposed, you can get in touch for a free trial/POC.
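One defensive way to approach the "discover before attackers do" step without any active probing is to mine the access logs you already keep. The script below is an added example for this newsletter and is not Edgescan's code; it assumes a JSON-lines access log with `ts`, `host`, `method`, `path`, `status` and `ctype` fields (the sample lines, hostnames and inventory are constructed). It classifies requests as API traffic by path shape or JSON response type, collapses numeric and UUID segments into one endpoint template, and alerts on endpoints that are absent from the known inventory.

```python
import json
import re
from typing import Dict, Iterable, List, Set, Tuple

# Constructed sample: JSON-lines access log as an edge proxy or log shipper
# might emit it. Hostnames, paths and timestamps are made up for this example.
SAMPLE_LOG = """\
{"ts":"2020-06-01T08:00:01Z","host":"www.example.test","method":"GET","path":"/index.html","status":200,"ctype":"text/html"}
{"ts":"2020-06-01T08:00:02Z","host":"www.example.test","method":"GET","path":"/api/v1/users/1042","status":200,"ctype":"application/json"}
{"ts":"2020-06-01T08:00:03Z","host":"www.example.test","method":"GET","path":"/api/v1/users/77","status":200,"ctype":"application/json"}
{"ts":"2020-06-01T08:00:04Z","host":"legacy.example.test","method":"POST","path":"/v2/orders","status":201,"ctype":"application/json"}
{"ts":"2020-06-01T08:00:05Z","host":"partner.example.test","method":"GET","path":"/export/3fa85f64-5717-4562-b3fc-2c963f66afa6","status":200,"ctype":"application/json; charset=utf-8"}
{"ts":"2020-06-01T08:00:06Z","host":"www.example.test","method":"GET","path":"/static/app.js","status":200,"ctype":"application/javascript"}
{"ts":"2020-06-01T08:00:07Z","host":"www.example.test","method":"POST","path":"/graphql","status":200,"ctype":"application/json"}
"""

# Hypothetical inventory: the endpoints the organisation believes it exposes.
KNOWN_INVENTORY: Set[Tuple[str, str]] = {
    ("www.example.test", "/api/v1/users/{id}"),
    ("www.example.test", "/graphql"),
}

API_PATH_RE = re.compile(r"^/(api/|v\d+/|graphql$)")
UUID_RE = re.compile(r"^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$", re.I)
NUMERIC_RE = re.compile(r"^\d+$")


def normalise_path(path: str) -> str:
    """Collapse identifier segments so /users/1042 and /users/77 map to one endpoint."""
    segments = []
    for seg in path.split("/"):
        segments.append("{id}" if NUMERIC_RE.match(seg) or UUID_RE.match(seg) else seg)
    return "/".join(segments)


def looks_like_api(path: str, ctype: str) -> bool:
    """Heuristic: an API-style path prefix, or a JSON response body (parameters ignored)."""
    media_type = ctype.split(";")[0].strip().lower()
    return bool(API_PATH_RE.match(path)) or media_type == "application/json"


def discover_endpoints(lines: Iterable[str]) -> Dict[Tuple[str, str], dict]:
    """Return {(host, path_template): {"count", "first_seen", "methods"}} for API traffic."""
    found: Dict[Tuple[str, str], dict] = {}
    for raw in lines:
        raw = raw.strip()
        if not raw:
            continue
        try:
            rec = json.loads(raw)
        except json.JSONDecodeError:
            continue  # malformed line: skip rather than crash a long-running job
        if not looks_like_api(rec.get("path", ""), rec.get("ctype", "")):
            continue
        key = (rec["host"], normalise_path(rec["path"]))
        entry = found.setdefault(key, {"count": 0, "first_seen": rec["ts"], "methods": set()})
        entry["count"] += 1
        entry["methods"].add(rec["method"])
        entry["first_seen"] = min(entry["first_seen"], rec["ts"])  # ISO-8601 sorts lexically
    return found


def unknown_endpoints(found: Dict[Tuple[str, str], dict],
                      inventory: Set[Tuple[str, str]]) -> List[Tuple[str, str]]:
    """Endpoints observed in traffic but missing from the inventory, sorted for stable output."""
    return sorted(k for k in found if k not in inventory)


if __name__ == "__main__":
    seen = discover_endpoints(SAMPLE_LOG.splitlines())
    for host, tmpl in unknown_endpoints(seen, KNOWN_INVENTORY):
        e = seen[(host, tmpl)]
        print(f"ALERT new API endpoint {host}{tmpl} methods={sorted(e['methods'])} "
              f"first_seen={e['first_seen']} hits={e['count']}")
```

Run against the embedded sample, it raises two alerts: the `/v2/orders` endpoint on the legacy host and the UUID-keyed `/export/{id}` endpoint on the partner host, neither of which is in the inventory. In practice you would feed it a day of gateway logs and diff the result against the previous run, which is the "alert on newly discovered API" behaviour the list above describes.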

Did You Miss The "Vulnerability Explained" Webinar?

On Thursday the 21st of May, IT Security Guru hosted a webinar with Eoin Keary, CEO and founder of Edgescan, and Rahim Jina, COO. The webinar focused on the most common vulnerabilities detected by Edgescan’s team over the course of last year, and looked at the problems with how we currently think about patch management and vulnerability scanning. If you would like to watch it, you can simply go to BrightTALK - Vulnerability Management Explained: the Stats You Need to Beat Cybercriminals. The webinar lasts just under 40 minutes.

Remote Internal Penetration Testing

From build environment to ease of access, various reasons exist as to why some applications or systems typically require penetration testers to be physically present onsite. Edgescan™ offers a solution to facilitate remote penetration testing which was traditionally performed ‘onsite’ at a client’s premises. This solution still offers the same full rigorous testing that would be performed onsite, but with the penetration tester operating remotely from the Edgescan HQ.

How It Works

Internal systems and applications are protected from the Internet, typically behind many layers of security devices and abstraction. In order to be able to test such systems with the same accuracy, we utilize two key components:
edgescan™ CloudControl (Hosted in Amazon AWS)

The CloudControl host is a Virtual Machine which runs in Amazon AWS. Each client is provided with a dedicated CloudControl which is completely segregated within AWS. This host provides one end-point of a Virtual Private Network (VPN) which utilizes OpenVPN to provide a strongly encrypted end-to-end tunnel between itself and its corresponding JumpBox. Sitting behind each CloudControl VM are separate application and network scanning engines, deployed as virtual machines, which are controlled by the penetration tester via the Edgescan API. An application web proxy is available through which our testers can proxy web application traffic to target web applications on the customer’s premises, which facilitates manual testing of these systems.

Additionally, network validation is performed via a ‘network validation environment’, which is a Docker-based container. This environment provides network-layer penetration testing tools which our testers can utilize to perform network testing and validation of network-layer vulnerabilities.
edgescan™ JumpBox

The JumpBox host can be provided as a physical machine or deployed as a virtual machine using your own VM infrastructure. This host is typically deployed on your internal network at a suitable location which provides traffic routes to the target network, device or application infrastructure. Both the CloudControl and JumpBox will auto-initiate a VPN connection to each other and this allows for a secure tunnel into your network.

