The new capability allows security and compliance teams to upload development standards and governance requirements directly into the Edgescan platform. Once integrated, the system automatically correlates discovered vulnerabilities across networks, APIs, and mobile environments with specific policy obligations. This transition turns static governance manuals into active security controls, providing a clear view of how an organization’s actual security posture aligns with its stated regulatory expectations.
Eoin Keary, CEO of Edgescan, noted that many companies still treat compliance as a periodic exercise rather than a continuous security measure. By linking validated vulnerabilities directly to policy failures, the platform allows teams to move beyond manual audits. This approach streamlines readiness for frameworks including ISO/IEC 27001:2022, NIS2, and OWASP ASVS, while providing CISOs with defensible evidence for stakeholders. The update complements Edgescan’s existing hybrid model, which blends automated testing with human-led penetration analysis to reduce false positives across a data set of over 20 million vulnerabilities.

Comments (0)
No comments yet. Be the first!