- Help Center
- Security Best Practices
- Security Testing
-
Getting Started
-
Platform Overview
-
Scanning & Testing
-
Troubleshooting Asset Blockers
-
Vulnerability Management
-
Attack Surface Management
-
Continuous Threat Exposure Management (CTEM)
-
Integrations
-
Reporting
-
Security Best Practices
-
Advanced Features & Customizations
-
Troubleshooting & FAQs
-
Updates & Announcements
How does Edgescan keep the platform secure?
Edgescan has ISO27001 and many different compliance criteria. We take a proactive approach to securing the platform.
Version Number: v1.0.1
Published Date: 13 May 2024
____________________________________________________________________________
- All production data is located in AWS and encrypted at rest (using AWS KMS)
- All data is encrypted in transport (TLS 1.2+)
- Edgescan ISO27001 Certification (Scope includes full company, service offerings and offices)
- https://landing.edgescan.com/hubfs/Certifications/Edgescan%20ISO27001%20CertA4%20ED2024.pdf
- Edgescan production services are all located in Amazon AWS. AWS have some of the most stringent certificates of any cloud provider (including PCI-DSS, HIPAA/HITECH, FedRAMP, GDPR, FIPS 140-2, and NIST 800-171, ISO27001)
- Multi-factor authentication using different methods is fully supported and can be enforced per client.
- Granular user permissions and roles can be created within each client organization, restricting access to specific assets only if required.
- Strong password controls are supported such as automatic account lockout etc.
- Strong authorization controls and logical separation of customer data is enforced
- SSO schemes are supported (e.g. SAML2).