Press release

ImmuniWeb Launches Free Website Security and PCI DSS Compliance Test

Sponsored by Businesswire

a global provider of web, mobile and API security testing and risk
, expands its free community offering with a website
security test
. Initially designed for SMEs and organizations with
nascent application security testing programs, large organizations with
mature DevSecOps programs can also benefit from the service to quickly
run hundreds of daily scans ensuring essential security and compliance
of external web applications.

Once launched, the test will:

  • Verify PCI DSS requirements 6.2, 6.5 and 6.6.
  • Fingerprint versions of over 100 most popular CMS, web frameworks and
    over 165,000 of their plugins.
  • Run a comprehensive vulnerability check for all known vulnerabilities
    in the fingerprinted software.
  • Check over 20 HTTP headers related to security, encryption or privacy
    for strong configurations in line with industry best practices,
    including ones from OWASP.
  • Assess Content Security Policy (CSP) to prevent some XSS
    and CSRF
    exploitation vectors, as well as variations of ransomware and
    Cryptojacking attacks.

Among almost 40 million public websites tested, only 9.74% contain
up2date software, 2.07% satisfy the aforementioned PCI DSS requirements,
and only 2.39% are protected with a WAF.

Ilia Kolochenko, CEO and Founder or ImmuniWeb, says: “Our free community
enables our company to maintain sustainable relations with
the community, get valuable feedback and actionable data on the global
state of application security. We are excited to see a steadily growing
number of users, many of whom later become commercial customers for our
ImmuniWeb® AI offering.”

The website security test is now also integrated with the freemium ImmuniWeb®
offering based on OSINT technology for non-intrusive
discovery of an organization’s external attack surface. ImmuniWeb
Discovery quickly builds a comprehensive inventory of an organization’s
external web, mobile and cloud assets, providing an ultimate asset
visibility to organizations of all sizes.

About ImmuniWeb

ImmuniWeb® AI platform leverages its proprietary Multilayer
Application Security Testing
technology (DAST, IAST, SCA) for a
rapid, DevSecOps-enabled and cost-effective application penetration
testing via ImmuniWeb® On-Demand,
and MobileSuite
offerings. ImmuniWeb is a recipient of many prestigious awards and
industry recognitions including Gartner Cool Vendor, IDC Innovator and
the winner of SC Awards Europe 2018 in the “Best Usage of AI/ML”