Overview

Edgescan provides vulnerability management solutions using a "software as a service" model. It has added cloud-based compliance and web application security offerings.

Hunters correlates data from Edgescan on entities such as domains and hostnames, and uses it for enrichment and correlation related to vulnerability management.

Supported Data Types

  • Edgescan Hosts - this data type offers a list of all the hosts in the network

  • Edgescan Vulnerabilities - this data type provides a list of vulnerabilities in the network

Sending Data to Hunters

To enable Hunters to collect Edgescan logs for your tenant, you will need to provide Hunters with:

  • User Name

  • Token - you can find here an explanation of how to generate a new Token.

  • Host - the API host associated with your tenant.

Example of the keys:
{
'user_name': 'dev.123',
'token': '5d90c7ecf574d728|265',
'host': 'live.edgescan.com'
}

Alternatively, you can collect the Edgescan logs from your network into a storage service shared with Hunters (e.g. an S3 bucket or Azure Blob Storage).

The expected format of the logs is the JSON format as exported by Edgescan.

Edgescan Hosts data sample
{'id': 193422, 'asset_id': 1052, 'location': '52.66.16.56', 'label': None, 'status': 'dead', 'hostnames': ['ec2-52-54-16-56.eu-west-3.compute.amazonaws.com'], 'updated_at': '2022-08-30T14:15:09.637Z', 'os_name': 'Linux 2.6.X', 'apis_detected': False}

Edgescan Vulnerabilities data sample
{'id': 22409329, 'name': 'Weak Key Exchange (KEX) Algorithm(s) Supported (SSH)', 'definition_id': 8539, 'asset_id': 45377, 'asset_name': 'RIPE 4564P', 'severity': 1, 'threat': 1, 'risk': 1, 'cvss_score': 0.0, 'cvss_vector': 'AV:N/AC:L/Au:N/C:N/I:N/A:N', 'cvss_v2_score': None, 'cvss_v2_vector': None, 'cvss_version': None, 'cves': [], 'altered_score': False, 'date_opened': '2022-10-18T14:37:57.571Z', 'date_closed': None, 'status': 'open', 'pci_compliance_status': 'pass', 'location': 'some.place.com', 'location_specifier_id': 267774, 'confidence': 80, 'label': None, 'layer': 'network', 'last_pci_exception': None, 'updated_at': '2022-10-17T13:39:05.573Z', 'created_at': '2022-10-08T04:51:15.224Z', 'on_cisa_list': False}
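
The following Python check is an added example, not Hunters or Edgescan code: before an export is placed in shared storage, it confirms that each line parses as JSON and matches one of the two data types above. One object per line and the required-field sets (taken from the samples) are assumptions of this example.

```python
import json
from datetime import datetime

# Field sets come from the two samples above; treating them as required is an
# assumption of this example, not a documented Hunters rule.
HOST_FIELDS = {"id", "asset_id", "location", "status", "hostnames", "updated_at"}
VULN_FIELDS = {"id", "name", "asset_id", "severity", "status", "date_opened"}
TIME_FIELDS = ("updated_at", "created_at", "date_opened", "date_closed")

def check_line(line):
    """Return (data_type, error); exactly one of the two is None."""
    try:
        record = json.loads(line)
    except json.JSONDecodeError as exc:
        return None, f"not valid JSON: {exc.msg}"
    if not isinstance(record, dict):
        return None, "top-level value is not an object"
    data_type = ("hosts" if HOST_FIELDS.issubset(record) else
                 "vulnerabilities" if VULN_FIELDS.issubset(record) else None)
    if data_type is None:
        return None, "fields match neither data type"
    for field in TIME_FIELDS:
        try:
            if record.get(field) is not None:  # date_closed is null while open
                datetime.strptime(record[field], "%Y-%m-%dT%H:%M:%S.%fZ")
        except (TypeError, ValueError):
            return None, f"{field} is not a UTC timestamp like the samples"
    return data_type, None

def check_export(text):
    """Validate a one-object-per-line export; return (counts, errors)."""
    counts, errors = {"hosts": 0, "vulnerabilities": 0}, []
    for number, line in enumerate(text.splitlines(), start=1):
        if line.strip():
            data_type, error = check_line(line)
            if error:
                errors.append((number, error))
            else:
                counts[data_type] += 1
    return counts, errors

# Constructed sample: trimmed records in JSON form, then one line left in
# Python repr form (single quotes, None), which a JSON parser rejects.
SAMPLE = """\
{"id": 193422, "asset_id": 1052, "location": "52.66.16.56", "status": "dead", "hostnames": [], "updated_at": "2022-08-30T14:15:09.637Z"}
{"id": 22409329, "name": "Weak KEX", "asset_id": 45377, "severity": 1, "status": "open", "date_opened": "2022-10-18T14:37:57.571Z", "date_closed": null}
{'id': 1, 'label': None}
"""
```

Calling check_export(SAMPLE) counts one host and one vulnerability record and reports line 3 as invalid JSON.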