- Help Center
- Security Best Practices
- Secure Coding Guidelines
-
Getting Started
-
Platform Overview
-
Scanning & Testing
-
Troubleshooting Asset Blockers
-
Vulnerability Management
-
Attack Surface Management
-
Continuous Threat Exposure Management (CTEM)
-
Integrations
-
Reporting
-
Security Best Practices
-
Advanced Features & Customizations
-
Troubleshooting & FAQs
-
Updates & Announcements
Does Edgescan have secure coding guidelines?
Edgescan is an approved scanning vendor and the organisation is CREST certified.
Version Number: v1.0.1
Published Date: 13 May 2024
____________________________________________________________________________
- We conduct continuous vulnerability scanning of our platform and all internet-facing applications/IP’s.
- We conduct regular vulnerability scanning of internal infrastructure.
- We conduct regular penetration testing of our platform and internet-facing assets using internal penetration testing resources (Edgescan is operated by multiple teams of penetration testers)
- Our penetration testing methodology is CREST accredited
- Our solution is a PCI Approved Scanning Vendor
- https://www.pcisecuritystandards.org/assessors_and_solutions/approved_scanning_vendors
- We conduct annual penetration testing of our entire platform and internet-facing assets by a third-party penetration testing company.
- Security events are monitored by our operations team
- We maintain a strong ‘Secure Coding’ ethos for our developers and are happy to share our Secure Development Policies
- We utilize static code analysis in our build pipeline
- We utilize dependency auditing in our build pipeline
- Our production stack is all fully containerized
- We operate agile development methodologies, testing in fully segregated environments prior to deployment.