Yes, Edgescan works with customers to build a continuous process & program to manage cyber risk that allows organizations to enhance and optimize their overall cybersecurity.
Version Number: v1.0.1
Published Date: 16 May 2024
What is Continuous Threat Exposure Management (CTEM)?
Organizational attack surfaces have expanded enormously in recent years. This growth has been driven notably by accelerated adoption of SaaS, expanding digital supply chains, increased corporate presence on social media, custom application development, remote working and internet-based customer interaction.
How does Edgescan approach CTEM with our customers?
Phase 1: Scoping: This is the first stage, where the organization defines the intended scope of the project. This includes identifying which assets require monitoring and protection to support the needs of the business. Initial scope can be defined by a common body of knowledge within the organization coupled with EASM (External Attack Surface Management).
Phase 2: Discovery: After defining the scope of the engagement, related assets are identified using discovery technology such as ASM. These assets are then assessed for misconfigurations, exposures, vulnerabilities, and other unintentionally exposed services. Techniques such as RBVM (Risk-Based Vulnerability Management) and PTaaS (Penetration Testing as a Service) are then applied for deeper assessment, driven by the targets identified in Phase 1.
Phase 3: Prioritization: During this stage, the identified vulnerabilities are ranked based on the threat that they pose to the business. Often, this is based on potential exploitability, chance of breach and criticality of the asset hosting the vulnerabilities. Metadata such as EPSS and CISA KEV coupled with more traditional CVSS and OWASP severity rating methodologies can be used to achieve this.
Phase 4: Validation: During the validation stage, the organization tests and retests (if required) the effectiveness of its existing security controls and mitigations against identified threats: "Is a discovered vulnerability exploitable?" This can include penetration testing (PTaaS) for deep, expert-led assessment, RBVM, and similar exercises. In the case of Edgescan, all reported vulnerabilities are validated.
Phase 5: Mobilization: Finally, the organization takes steps to mitigate the identified vulnerabilities. This is accomplished in order of importance based on the results of the prioritization and validation.
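The prioritization, validation and mobilization phases above can be illustrated with a small ranking routine. This is an added example, not Edgescan code: the weighting (KEV treated as likelihood 1.0, impact as CVSS scaled by business asset criticality), the tier thresholds and the sample findings are all assumptions constructed for the example.

```python
from dataclasses import dataclass

# Constructed sample findings for illustration; identifiers are placeholders,
# not real CVEs and not real Edgescan output.
@dataclass
class Finding:
    asset: str
    vuln_id: str
    cvss: float              # CVSS base score, 0-10
    epss: float              # EPSS exploitation probability, 0-1
    in_kev: bool             # listed in the CISA KEV catalogue
    asset_criticality: int   # 1 (low) to 5 (crown jewel), set by the business
    validated: bool = True   # confirmed exploitable in the validation phase

def priority_score(f: Finding) -> float:
    """Risk score = likelihood x impact. The weighting is an assumption made
    for this example, not a published Edgescan or industry formula."""
    # KEV entries are known to be exploited in the wild, so treat likelihood as 1.
    likelihood = 1.0 if f.in_kev else f.epss
    impact = (f.cvss / 10.0) * (f.asset_criticality / 5.0)
    return likelihood * impact

def tier(f: Finding) -> str:
    """Map a finding to a remediation tier (thresholds are assumptions)."""
    if not f.validated:
        return "needs-validation"      # never mobilise on an unconfirmed finding
    s = priority_score(f)
    if f.in_kev or s >= 0.30:
        return "immediate"
    if s >= 0.05:
        return "scheduled"
    return "backlog"

def mobilisation_queue(findings: list[Finding]) -> list[tuple[str, str, float, str]]:
    """Validated findings ordered for remediation, highest risk first."""
    queue = [f for f in findings if f.validated]
    queue.sort(key=priority_score, reverse=True)
    return [(f.asset, f.vuln_id, round(priority_score(f), 4), tier(f)) for f in queue]

SAMPLE = [  # constructed data
    Finding("crm-prod", "VULN-A", 9.8, 0.08, False, 5),
    Finding("marketing-site", "VULN-B", 7.5, 0.90, True, 2),
    Finding("crm-prod", "VULN-C", 6.5, 0.60, False, 5),
    Finding("test-box", "VULN-D", 9.0, 0.001, False, 1),
    Finding("hr-portal", "VULN-E", 8.1, 0.50, False, 4, validated=False),
]

if __name__ == "__main__":
    for row in mobilisation_queue(SAMPLE):
        print(row)
```

Note how the CVSS 9.8 finding on the crown-jewel asset ranks below a medium-severity finding with high EPSS on the same asset, and how the unvalidated finding never enters the queue at all.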