Security Testing
      Back to home
      1. Help Center
      2. Security Best Practices
      3. Security Testing

      How does Edgescan keep the platform secure?

      Edgescan has ISO27001 and many different compliance criteria. We take a proactive approach to securing the platform.

      Version Number: v1.0.1

      Published Date: 13 May 2024

      ____________________________________________________________________________

      • All production data is located in AWS and encrypted at rest (using AWS KMS)​
      • All data is encrypted in transport (TLS 1.2+)​
      • Edgescan ISO27001 Certification (Scope includes full company, service offerings and offices)​
        • https://landing.edgescan.com/hubfs/Certifications/Edgescan%20ISO27001%20CertA4%20ED2024.pdf​
      • Edgescan production services are all located in Amazon AWS. AWS have some of the most stringent certificates of any cloud provider (including PCI-DSS, HIPAA/HITECH, FedRAMP, GDPR, FIPS 140-2, and NIST 800-171, ISO27001)​
      • Multi-factor authentication using different methods is fully supported and can be enforced per client.​
      • Granular user permissions and roles can be created within each client organization, restricting access to specific assets only if required.​
      • Strong password controls are supported such as automatic account lockout etc.​
      • Strong authorization controls and logical separation of customer data is enforced​
      • SSO schemes are supported (e.g. SAML2).