CASE STUDY

We are a relatively young company and we brought Edgescan on board quite early on , so rather than transitioning from another vulnerability management solution , it was more a case of deploying the Edgescan SaaS across our IT infrastructure . We operate in the Operational Technology ( OT ) space as well , but currently we have a different approach to securing that side of the business . When we adopted Edgescan , our focus was to ensure that security was designed into our processes , building it from the ground up and embedding it into our operations .

Did you consider other solutions before you settled on Edgescan ?

Yes , we went through our regular sourcing process , but the other vulnerability management solutions that came up against Edgescan were all fully automated . The human factor was what tipped in favour of Edgescan : we really saw the value in having a team of qualified pentesters verifying each and every vulnerability , providing us with intelligence and patching support should we need it .

How did you find the onboarding process ?

How has Archroma benefitted from using Edgescan ?

Edgescan gives us the peace of mind that comes with knowing that our vulnerability management solution is virtually false-positive free . The accuracy that comes with human validation , paired with the efficiency of automatic , continuous scanning , means that my team now knows that whenever a vulnerability is flagged , the vulnerability is there and they can continue working until they find it and fix it .

Have you seen a quantifiable Return on Investment after you brought Edgescan on board ?

ROI is notoriously difficult to quantify in cybersecurity , but according to Edgescan ’ s own data , the validation of vulnerabilities saved 4,500 staff hours . I think that ’ s where the real value of this solution lies : having a team of qualified professionals on the case 24 / 7 means that my team can focus on higher tasks in the security function .

Furthermore , the certainty that when an alert is raised it will not be a false positive is another crucial time-saver . My analysts trust that if the platform tells them there is a vulnerability to fix , the vulnerability will be there .

The onboarding was very swift . We started with an asset discovery and it didn ’ t take more than two weeks to have the solution up and running and set up across Archroma ’ s entire IT infrastructure .

This didn ’ t happen overnight , the team needed to gain trust that the solution was accurate . When they realised that there were virtually no false positives , Edgescan ’ s vulnerability management platform really

64 INTELLIGENTCIO EUROPE www . intelligentcio . com