Edgescan was founded in 2011 to address the problem of system (in)security whilst keeping pace with rapid development and change. Using the latest technologies edgescan provides high class vulnerability management paired with expert manual validation for every vulnerability.

Enterprises need to truly provide safe digital experiences to their customers, partners and entire ecosystem by securing the applications and supporting host infrastructure at the heart of their business on a continuous basis. With the expert manual validation, context of each vulnerability is taken into account when it is being risk rated to ensure that the potential risk to each organisation is understood completely.

edgescan exists to make this possible. edgescan is one of a few cyber security companies which enables enterprises to secure and be proactive in their defence of their digital businesses. From application and host development to production deployment, and from the desktop to API to cloud to mobile devices, we secure the web applications and infrastructure that people rely on in their personal and professional lives. We call this vulnerability intelligence.

Our Approach – How we stand out as an award winning Cyber Security Company

  • edgescan is unique regarding our approach compared to other cyber security companies. We provide “Fullstack Vulnerability Management” using seasoned penetration testers and also have the capability to provide both training and traditional penetration testing to support our clients
  • edgescan is the most accurate, complete and cost-effective website and network vulnerability management solution available.
  • edgescan is a Software-as-a-Service (SaaS) platform designed from the ground up to scale massively, currently supporting some of the world’s largest enterprises , providing the most compelling business efficiencies and lowering overall cost of ownership.
  • Unlike traditional security scanning tools or consultants, edgescan is the only solution to combine highly advanced scanning technology with custom testing by our security engineers. It’s our hybrid approach including a team of web and network security experts who make edgescan so effective.

Vulnerability Intelligence Integration

edgescan provides a powerful API which can integrate easily into your ecosystem in order to correlate and reconcile with GRC, Bug Tracking, and DevSecOps systems.

Security Orchestration

One challenge of successful vulnerability management is to orchestrate discovered vulnerabilities such that they are mitigated, tracked, measured so we can see improvement and measure security posture.

edgescan provides a very powerful simple API which can integrate with virtually anything:

Out-of-the-box integration

Out-of-the-box edgescan integrates with Web Application Firewalls (WAF) such as Mod_Security, F5 and Citrix NetScaler. edgescan also integrates with more Governance Risk and Compliance platforms (GRC) and bug tracking systems such as Jira, Service Now, RSAM, etc.

Alerting and situational awareness

edgescan provides highly customized “event” capabilities and  provides alerting via WebHooks, Slack, email and SMS. The ability to be alerted when required is of paramount importance.

Continuous Assessment keeping pace with development and constant change…

Today enterprise organisations deploy a wide range of systems, servers, cloud and web applications, accessible from any location. Visibility of such systems in terms of security posture is of vital importance.  The lack of management and not understanding what to manage (no visibility) from a vulnerability standpoint results in assets which are an easy target for hackers and may result in a data breach.

Visibility is key to maintaining a secure posture. edgescan provides that visibility in many ways from Metrics to Asset Profiling to Continuous Vulnerability Detection and Intelligence.

  • As new features/code or systems are deployed edgescan will help ensure you have no cyber security vulnerabilities.
  • As new vulnerabilities are discovered in the industry, edgescan will inform you if you are vulnerable.
  • As new systems are deployed edgescan can automatically inform you of the any new services discovered also scan the system for web and infrastructure vulnerabilities.
  • The edgescan delivery model also ensures all vulnerabilities discovered are validated by experts and expert support is also included to help you maintain a secure posture.

Fullstack Coverage, Visibility and Support…


edgescan provides complete Full Stack Vulnerability management (web application & hosting infrastructure) security at a scale and accuracy unmatched in the industry. No matter how many systems or web applications or how often they change, we can assess an unlimited number of sites without accuracy suffering.

Our operations staff are also professional consultants who validate and manage the vulnerability detection service, but also deliver professional services engagement to our clients.

Network Security Solutions

Protect the usability and integrity of your network and data with network security solutions from edgescan

Network & Cloud infrastructure

edgescan delivers full stack vulnerability management, from “top to tail”, this means deep security assessment of both web applications, supporting app servers, components and associated hosting environments.

With a growing capability to test for over 90,000 CVE’s edgescan covers off supporting systems in both cloud and data center environments. All issues discovered are validated by security experts.


Protocol, Port, DNS, Status – We’ve got you covered. All edgescan licenses include Continuous Asset Profiling which helps you discover and manage thousands of systems exposed services and ports on a continuous bases. Coupled with the edgescan events alerting functionality provides unparalleled visibility.


We detect, asset profile and validate all vulnerabilities on the network layer. edgescan detects over 90,000 CVE’s (and counting), Open ports, misconfigurations, protocol weaknesses, firewall and ACL issues, Cryptography issues, patching weaknesses and all the non-web application security concerns associated with an entire system.

Internet Facing of Internal systems

Both internal and public facing network assets can be assessed using edgescan and if required a (virtual or hardware) on premise appliance can be deployed to assist with internal assessments