It is said to be the first cloud-based web application security assessment SaaS for SMBs to combine automated vulnerability scanning and manual penetration testing in parallel.
High-Tech Bridge, a Swiss information security company, has extended the recently announced public beta launch of its cloud-based web vulnerability scanning and penetration testing service called ImmuniWeb.
A combination of automated security assessment with manual penetration testing, ImmuniWeb aims to bring ethical hacking within the reach of any SMB and even private persons. ImmuniWeb’s hybrid approach significantly reduces the rate of false-negatives and totally eliminates false-positives in assessment reports.
High-Tech Bridge’s Security Advisories demonstrate that SMBs’ websites are clearly a prime target for hackers, with, for example, SQL and XSS threats increasing in open-source web platforms commonly used by SMBs.
Ilia Kolochenko, CEO of High-Tech Bridge and lecturer on Cyber Crime at HES-SO University, Switzerland, said: "Today many SMBs are unfairly prevented from securing their websites due to low budgets, lack of in-house technical skills or administrative restrictions. ImmuniWeb will enable SMBs to secure their websites in a simple, efficient and cost-effective manner."
By combining the work of High-Tech Bridge’s security auditors and a proprietary web security scanner, High-Tech Bridge is making its penetration testing skills, experience, knowledge-base and research in the web application security domain accessible to smaller companies.
ImmuniWeb reports are actionable by SMBs who do not employ in-house security experts.
Kolochenko explained: "Website developers and owners want to know that they can rely on an assessment report to cover what the issues are and how to go about addressing them – they should not have to read complicated technical reports, full of security jargon.
"Details on how any detected vulnerability can be exploited and recommended fixes are provided by our security auditors in an easy-to-understand format, which is especially useful for individuals unfamiliar with web security. At the same time we strictly follow industry best-practises and standards, such as CVE and CWE Compatibility certifications, which we have recently obtained for ImmuniWeb."
High-Tech Bridge has invested more than £3.3m in developing the technology behind the ImmuniWeb back- and front-ends.