Font Size: A A A

Home > News > Interviews > Website testing

Interviews

Website testing

After a year of private Beta testing, High-Tech Bridge announces its ImmuniWeb – web application and website security testing SaaS (Software-as-a-Service). According to the IT firm, that enables anyone, regardless of company size, to hire professional ethical hackers online for $990.

ImmuniWeb is described as a hybrid of accurate manual web application penetration test and vulnerability scanning, performed in parallel. Manual testing by High-Tech Bridge web penetration testers guarantees the firm claims zero false-positives and minimises the number of false-negatives in the report. The automated side of the assessment is performed by ImmuniWeb Security Scanner, developed by High-Tech Bridge from scratch. Project configuration and management, secure online payment and report delivery is done online via ImmuniWeb Portal .

ImmuniWeb claims that its hybrid approach to web application security testing outshines the quality of the automated tools, scanners and services that dominate the market. An ImmuniWeb report is manually written by a penetration tester who provides customised solutions for each weakness and vulnerability detected, ensuring that the customer can easily understand the issues and implement fixes.

Tested on thousands of small and several hundreds of large live websites, ImmuniWeb’s has been tested on websites that use different web frameworks, platforms and web programming languages.

Graham Cluley, the computer security analyst, said of ImmuniWeb : “What’s cool is that the ImmuniWeb service isn’t just a web vulnerability scanner, hunting for flaws on customers’ websites. At the same time as that is running, High-Tech Bridge also has a team of ethical hackers, with years of professional web security experience, manually attempting to penetrate websites, and searching for flaws and weaknesses.”
UN agency, the International Telecommunication Union (ITU), uses ImmuniWeb as part of the toolset to ensure that the governmental websites of ITU’s Member States are secure. “This partnership with High-Tech Bridge, within the framework of the ITU-IMPACT initiative, will assist Member States, in particular developing and least developed countries, to use these tools to improve the security of their websites and counter cyber threats and related vulnerabilities,” said ITU Secretary-General Dr Hamadoun I. Toure.

“It certainly appears that the hybrid approach [of web application security testing], introduced to the global market by ImmuniWeb, represents a highly efficient, new generation solution, offering speed, simplicity, cost-effectiveness and additional quality, afforded by the parallel manual penetration testing” said Alexander Michael , Director of ICT Consulting at Frost & Sullivan .

Introduced by High-Tech Bridge to the market in 2013 the hybrid approach to testing web application security benefits from an on-demand SaaS delivery model, simple set up, an assessment with zero false positives, comprehensive report and competitive pricing. ImmuniWeb SaaS received CWE and CVE compatibility certification from MITRE in 2013.

Ilia Kolochenko, High-Tech Bridge’s CEO, says: “We are very happy to offer ImmuniWeb on-demand web penetration testing to everybody today, it’s a very important milestone for our company and a very positive change for the web security market. This is the outcome of four years of development and one year of very intensive work under the Beta version of ImmuniWeb. Beta testing was very useful as we were able to talk to many different companies, organisations, governments and independent experts who all brought great ideas on how to make our service better and easier. We considered every opinion to improve and perfect ImmuniWeb, and we are grateful to all our customers, partners, testers and security analysts who helped us make it better.”

And Marsel Nizamutdinov, High-Tech Bridge’s Chief Research Officer, says: “The entire ImmuniWeb technology was greatly improved thanks to user feedback while we were in Beta. Our penetration testing team was better organised and interlinked with our internal research team and their knowledge base. The ImmuniWeb Security Scanner was enhanced with many small but effective features and improvements that ameliorated vulnerability detection algorithms. Revision of some core scanning algorithms permitted us to significantly increase the scanner’s crawler speed and scope of analysis. As for ImmuniWeb Portal – it was adopted to make project management even more simple, fast and comprehensive.


Tags

Related News