Can I Use Asset Priority To Change My Pen Test Queue?
Asset priority can be used in many ways, this article explains how asset priority can be used to determine the order in which penetration tests are executed.
Version Number: v1.0.0
Published Date: 10 Dec 2025
____________________________________________________________________________
This article explains how asset priority can determine the order in which penetration tests are executed. This is typically configured for enterprise customers to ensure that critical or new assets are tested first when capacity is limited.
Example Priority System
In this example, a customer performs around 50 penetration tests per month. Asset priority ensures that when multiple tests enter the workflow, the most important ones (P1) are completed first, followed by P2 and P3, so that critical or time-sensitive assets consistently receive priority.
| Priority | Description | Example |
| P1 | Never tested and in production, or entering production within 1 month. | New live system |
| P2 | Has not had a penetration test in the previous 10 months, will fall out of compliance when it gets to 12 months no pentest. | Compliance is expiring |
| P3 | All other assets that require penetration testing | Non-critical, lower risk assets |
Pen tests are completed in the order P1 → P2 → P3.
Queue Ordering Rules
When assets enter the pentest queue, they are sorted by the following criteria, in order of precedence:
- Asset Priority
- Type – Onboard → Renewal → Upgrade
- Last Assessment Date – oldest first
- License End Date – closest expiry first*
If multiple assets are identical across all factors, the next asset is selected at random.
License End Date Exceptions
*Although license end date is normally the final sorting factor, it can override all other rules if a license is close to expiry to ensure testing is completed before the license lapses.
Renewals vs. Onboards
- Renewals are not initially placed in the queue.
- They are scheduled roughly at the same time as the previous year's pentest.
- If a renewal encounters a blocker, it re-enters the queue and is ordered using the standard sorting rules.
- Onboards (first-time tests) are prioritised above renewals.
- Upgrades are treated as the lowest priority unless specifically requested or required due to licensing constraints.
Notes
- After onboarding, asset priority must be maintained by the customer within Edgescan.
- Licensing or scheduling limitations may occasionally require deviations from the standard ordering rules.
- Renewals that are delayed or blocked will re-enter the queue and follow normal prioritisation.