Edgescan

Self Service Ingestion

Connect this data source on your own, using the Hunters platform.

TL;DR

Supported data types

3rd party detection

Hunters detection

IOC search

Search

Table name

Log format

Collection method

Edgescan Hosts

edgescan_hosts

NDJSON

API

Edgescan Vulnerabilities

✅

edgescan_vulnerabilities

NDJSON

API


Overview

Edgescan provides vulnerability management solutions using a "software as a service" model. It has added cloud-based compliance and web application security offerings.
Hunters correlates data from Edgescan on various entities like domains and hostnames and uses it for enrichment and correlation related to vulnerability management.

Supported data types

Edgescan Hosts

Table name: edgescan_hosts

This data type offers a list of all the hosts in the network.

Edgescan Vulnerabilities

Table name: edgescan_vulnerabilities

This data type provides a list of vulnerabilities in the network.

Send data to Hunters

To connect Edgescan logs:

  1. Gather the following information from your Edgescan account:

    • User Name - Your Edgescan user name. Example: dev.123.

    • Token - you can find an explanation of how to generate a new Token here. Example: 5d90c7ecf574d728|265.

    • Host - the API host associated with your tenant. Example: live.edgescan.com.

  2. Complete the process on the Hunters platform, following this process.

Expected format

The expected format of the logs is the NDJSON format as exported by Edgescan.

Edgescan Hosts log sample

{"id": 193422, "asset_id": 1052, "location": "52.66.16.56", "label": null, "status": "dead", "hostnames": ["ec2-52-54-16-56.eu-west-3.compute.amazonaws.com"], "updated_at": "2022-08-30T14:15:09.637Z", "os_name": "Linux 2.6.X", "apis_detected": false}

Edgescan Vulnerabilities log sample

{"id": 22409329, "name": "Weak Key Exchange (KEX) Algorithm(s) Supported (SSH)", "definition_id": 8539, "asset_id": 45377, "asset_name": "RIPE 4564P", "severity": 1, "threat": 1, "risk": 1, "cvss_score": 0.0, "cvss_vector": "AV:N/AC:L/Au:N/C:N/I:N/A:N", "cvss_v2_score": null, "cvss_v2_vector": null, "cvss_version": null, "cves": [], "altered_score": false, "date_opened": "2022-10-18T14:37:57.571Z", "date_closed": null, "status": "open", "pci_compliance_status": "pass", "location": "some.place.com", "location_specifier_id": 267774, "confidence": 80, "label": null, "layer": "network", "last_pci_exception": null, "updated_at": "2022-10-17T13:39:05.573Z", "created_at": "2022-10-08T04:51:15.224Z", "on_cisa_list": false}
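
The following is an added example, not code from Hunters or Edgescan: it checks that each line of an export is a valid NDJSON record before ingestion and then attaches open vulnerabilities to hosts. The sample records are constructed from the field names in the log samples above, and the join rule (same asset_id, with the vulnerability's location matching the host's location or one of its hostnames) is an assumption about how the two tables relate.

```python
import json

# Constructed sample data using field names from the log samples on this page.
HOSTS = """\
{"id": 1, "asset_id": 10, "location": "192.0.2.10", "status": "alive", "hostnames": ["web01.example.com"]}
{"id": 2, "asset_id": 11, "location": "192.0.2.11", "status": "dead", "hostnames": []}
"""
VULNS = """\
{"id": 100, "name": "Weak KEX (SSH)", "asset_id": 10, "status": "open", "location": "WEB01.example.com"}
{"id": 101, "name": "Outdated TLS", "asset_id": 10, "status": "closed", "location": "192.0.2.10"}
{'id': 102, 'name': 'Python repr, not JSON', 'asset_id': 11, 'status': 'open', 'label': None}
{"id": 103, "name": "Orphan finding", "asset_id": 99, "status": "open", "location": "db.example.com"}
"""

def parse_ndjson(text):
    """Return (records, rejected); rejected holds 1-based line numbers that are not JSON objects."""
    records, rejected = [], []
    for lineno, line in enumerate(text.splitlines(), 1):
        if not line.strip():
            continue  # blank lines are tolerated between records
        try:
            obj = json.loads(line)
        except json.JSONDecodeError:
            rejected.append(lineno)
            continue
        if isinstance(obj, dict):
            records.append(obj)
        else:
            rejected.append(lineno)
    return records, rejected

def correlate_open_vulns(hosts, vulns):
    """Assumed join: same asset_id, and the vulnerability's location equals the
    host's location or one of its hostnames (case-insensitive)."""
    index = {}
    for h in hosts:
        for name in [h.get("location"), *(h.get("hostnames") or [])]:
            if name:
                index[(h.get("asset_id"), name.lower())] = h
    matched, unmatched = [], []
    for v in vulns:
        if v.get("status") != "open":
            continue
        host = index.get((v.get("asset_id"), str(v.get("location", "")).lower()))
        if host is None:
            unmatched.append(v["id"])
        else:
            matched.append({"vuln_id": v["id"], "name": v["name"],
                            "host_id": host["id"], "host_status": host["status"]})
    return matched, unmatched
```

Rejected line numbers point at records that would not parse as NDJSON (for example a Python dict repr with single quotes and None), and unmatched IDs are open findings with no corresponding host record.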