Secure Coding Guidelines
      Back to home
      1. Help Center
      2. Security Best Practices
      3. Secure Coding Guidelines

      Does Edgescan have secure coding guidelines?

      Edgescan is an approved scanning vendor and the organisation is CREST certified.

      Version Number: v1.0.1

      Published Date: 13 May 2024

      ____________________________________________________________________________

      • We conduct continuous vulnerability scanning of our platform and all internet-facing applications/IP’s.​
      • We conduct regular vulnerability scanning of internal infrastructure.​
      • We conduct regular penetration testing of our platform and internet-facing assets using internal penetration testing resources (Edgescan is operated by multiple teams of penetration testers)​
      • Our penetration testing methodology is CREST accredited​
      • Our solution is a PCI Approved Scanning Vendor​
        • https://www.pcisecuritystandards.org/assessors_and_solutions/approved_scanning_vendors ​
      • We conduct annual penetration testing of our entire platform and internet-facing assets by a third-party penetration testing company.​
      • Security events are monitored by our operations team​
      • We maintain a strong ‘Secure Coding’ ethos for our developers and are happy to share our Secure Development Policies
        • We utilize static code analysis in our build pipeline​
        • We utilize dependency auditing in our build pipeline​
        • Our production stack is all fully containerized​
        • We operate agile development methodologies, testing in fully segregated environments prior to deployment.​