1. Edgescan uses automated validation and analytics to determine whether vulnerabilities discovered during scans are true or false positives, automatically publishing issues that reach over 90% confidence.
2. Vulnerabilities with lower confidence scores, or of high severity, undergo expert validation by seasoned penetration testers to further validate the findings.
3. This two-step validation process helps ensure Edgescan delivers only accurate vulnerability intelligence to clients.
1. Validation of vulnerabilities with edgescan
Validation is designed to help ensure we deliver false-positive-free vulnerability intel to our clients.
1. Automation/analytics based
2. Expert validation
1. Automated validation
• Automated validation uses analytics, querying millions of vulnerability examples from our Edgescan data lake.
• Because we deliver hundreds of thousands of vulnerabilities, we have strong analytical models and associated data to determine the probability that a discovered vulnerability is a true positive.
• When such a vulnerability is discovered, its taxonomy, type and description let us decide with confidence whether it is real or whether it needs to move to Step 2 (above). We call a vulnerability decided this way an auto-commit vulnerability.
• Some vulnerabilities have a confidence probability of over 90%, which results in edgescan automatically publishing the issue to the client. If the confidence is below a threshold, the vulnerability is flagged for expert validation.
• Issues that are discovered (true positives and/or false positives), once processed, are added to the analytical data to further improve auto-commit accuracy. For example, once vulnerabilities are determined to be true or false positives, they are marked as such in the data lake and used to further enhance the accuracy of the probability models.
2. Expert validation
• Expert validation is activated when a vulnerability is not fit for automatic validation (its confidence is low from a probability standpoint, or the vulnerability is High or Critical severity, or it is a PCI fail).
• Complex vulnerabilities and High and Critical severity vulnerabilities generally undergo expert validation.
• This results in highly accurate vulnerability intelligence. Edgescan experts are seasoned penetration testers who regularly deliver penetration testing fieldwork, directly or via PTaaS (Penetration Testing as a Service). They are OSCP/CREST certified and certainly not SOC analysts.
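The two-step routing described above (a confidence gate with High/Critical and PCI-fail overrides, plus a feedback loop that writes validated outcomes back into the historical data) can be sketched as a small triage routine. This is an added illustration, not Edgescan's own code or model: the in-memory "data lake" with per-taxonomy true/false-positive counts, the Laplace-smoothed confidence estimate, the 0.90 threshold taken from the page, and the assumption that auto-committed issues are recorded as true positives are all constructed for the example.

```python
"""Added example (not Edgescan's code): confidence-gated vulnerability triage.

Constructed assumptions:
- the "data lake" is a per-taxonomy tally of past true/false positives;
- confidence = Laplace-smoothed true-positive rate for that taxonomy;
- auto-commit only when confidence >= 0.90 and the finding is neither
  High/Critical severity nor a PCI fail; everything else goes to experts;
- validated outcomes are written back, so later estimates move.
"""
from collections import defaultdict
from dataclasses import dataclass, field

AUTO_COMMIT_THRESHOLD = 0.90  # the "over 90%" figure from the text


@dataclass
class Finding:
    taxonomy: str          # e.g. "Reflected XSS" (constructed labels)
    severity: str          # "Low", "Medium", "High", "Critical"
    pci_fail: bool = False


@dataclass
class DataLake:
    # taxonomy -> [true_positive_count, false_positive_count]
    counts: dict = field(default_factory=lambda: defaultdict(lambda: [0, 0]))

    def record(self, taxonomy: str, true_positive: bool) -> None:
        """Feedback loop: store a validated outcome for this taxonomy."""
        self.counts[taxonomy][0 if true_positive else 1] += 1

    def confidence(self, taxonomy: str) -> float:
        """P(true positive) with Laplace smoothing: unseen taxonomies start at 0.5,
        and no taxonomy ever reaches exactly 0.0 or 1.0 from a handful of samples."""
        tp, fp = self.counts[taxonomy]
        return (tp + 1) / (tp + fp + 2)


def route(finding: Finding, lake: DataLake):
    """Decide 'auto-commit' or 'expert' for one finding; returns (decision, confidence)."""
    conf = lake.confidence(finding.taxonomy)
    # Severity and PCI overrides win regardless of how confident the model is.
    if finding.severity in ("High", "Critical") or finding.pci_fail:
        return "expert", conf
    if conf >= AUTO_COMMIT_THRESHOLD:
        return "auto-commit", conf
    return "expert", conf


def process(findings, lake: DataLake, expert_verdicts: dict):
    """Route a batch and write outcomes back to the lake.

    expert_verdicts maps taxonomy -> bool, standing in for the expert queue's
    answers (constructed). Auto-committed issues are recorded as true positives
    (assumption: the model was trusted; a later client dispute would flip it).
    """
    decisions = []
    for f in findings:
        decision, conf = route(f, lake)
        if decision == "auto-commit":
            lake.record(f.taxonomy, True)
        else:
            lake.record(f.taxonomy, expert_verdicts[f.taxonomy])
        decisions.append((f.taxonomy, decision, round(conf, 3)))
    return decisions


def build_sample_lake() -> DataLake:
    """Constructed history: one well-understood taxonomy, one noisier one."""
    lake = DataLake()
    for _ in range(98):
        lake.record("Missing HSTS header", True)
    lake.record("Missing HSTS header", False)
    for _ in range(8):
        lake.record("Reflected XSS", True)
    for _ in range(3):
        lake.record("Reflected XSS", False)
    return lake


if __name__ == "__main__":
    lake = build_sample_lake()
    batch = [
        Finding("Missing HSTS header", "Low"),
        Finding("Reflected XSS", "Medium"),
        Finding("SQL injection", "Critical", pci_fail=True),
        Finding("Never seen before", "Low"),
    ]
    verdicts = {"Reflected XSS": True, "SQL injection": True, "Never seen before": False}
    for row in process(batch, lake, verdicts):
        print(row)
```

Running the block shows the three routes the text describes: the well-known low-severity taxonomy auto-commits at about 0.98 confidence, the Critical PCI-fail finding goes to experts no matter what the model says, and a noisy or unseen taxonomy sits below the gate until enough expert-confirmed outcomes accumulate in the lake to push its estimate over 0.90.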