Hybrid of Machine Learning Technology and Human Brain
ImmuniWeb® Web Security Platform explained by infosec professionals for infosec professionals:
Hey, how are you doing? Enjoying your new CISO role? ;)
Reading ImmuniWeb report for our new web service.
One more vulnerability scanner? You got nothing better do than browsing false-positives on Friday evening? :)
No way! I stopped using vulnerability scanners since the first time I tried ImmuniWeb. Their hybrid concept of penetration testing in parallel with managed vulnerability scanning outperforms any web scanner.
Doesn't every one run WebInspect or Acunetix in the background while testing manually?
Nope. Their 100% in-house vulnerability scanning platform is supervised by experienced penetration testers in real-time who look after it to optimize crawling and smart fuzzing processes on the fly.
In parallel, the penetration testers manually test application logic and other complicated flaws.
Hm, gotcha. But how they are different from classic web penetration testing, except zero false-positives?
Their vulnerability scanning platform is synchronized with manual penetration testing in real-time. The platform instantly gets all the input from the penetration testers, while the penetration testers constantly see vulnerability scanning results.
Wow, this means that their penetration testers don't waste time putting together automated and manual testing results? This must make their pricing very competitive compared to classic pentesting.
Yeah, exactly. Furthermore, their vulnerability detection algorithms use machine-learning. If a vulnerability cannot be confirmed by the scanning platform, it will refer to similar flaws detected in the past and see if penetration testers approved or declined similar findings. This makes every new security assessment more accurate and rapid.
What a classic pentest can find in 5 days, they can do in 3.
Sounds really cool! Will give them a call on Monday.
You don't need to wait till Monday: on their Portal you can customize and order any package 24/7. No more paperwork or time-wasting phone calls with a call center on the other side of the world.
Whoa! I wish I could use them for continuous monitoring of my web apps and the web services behind.
ImmuniWeb Continuous can easily do it. 24/7 web application security and change monitoring, instant SMS or email notifications about new vulnerabilities, and a modern vulnerability management dashboard...
Zero false-positives guaranteed.
Must cost a fortune?..
Less than a vuln scanner annual license.
Wow, that's as innovative as a Tesla, but not expensive??
Just check it:
Wish I knew about them before!!