WINNER - Best Vulnerability Management Solution: Edgescan
Edgescan Fullstack Vulnerability Management was described by our judges as a “Good all-rounder,” and “A highly scalable SaaS solution with good TCO, collaboration across other tools. A strong solution,” concluding it is a: “Valuable product that addresses major external threats and adds human context.”
The company says that the tool is designed to provide vulnerability management detection and continuous system visibility to validate and risk-rate vulnerabilities facing organisations, so they don’t have to. This hybrid cloud-based solution covers both web and server security to provide real actionable risk intelligence, contextualised to the user’s organisation.
Highly customised “event” capabilities provide alerting via WebHooks, Slack, email and SMS with the ability to be alerted when required. A completely turnkey approach is offered, from on-boarding to vulnerability detection to integration and visibility, which Edgescan says can help vulnerability management processes mature dramatically in three weeks or less, enabling CISOs to show tangible results to the board. Security professionals and automation are described as working in parallel to minimise false positives.
Black Duck Software Composition Analysis (SCA) by Synopsys
Our judges were impressed with the highly commended entry and good customer testimonials for Black Duck Software Composition Analysis, from the Synopsys stable. They said that it “provides customers the most complete and accurate view of open source in their software.” And in a world of Magecart attacks it was seen as “an excellent tool to add to the CISO arsenal.” It is designed to provide a comprehensive solution for managing security, licence, and code quality risks associated with open source.
Seeker – Interactive Application Security Testing (IAST) Solution by Synopsys
Coverity Static Application Security Testing (SAST) by Synopsys