ImmuniWeb® Web Security Assessment SaaS is certified CVE and CWE CompatibleJuly 2, 2013
High-Tech Bridge SA, a leading European information security and penetration testing company according to Frost & Sullivan’s Ethical Hacking Market Research in 2012, is pleased to announce that its innovative web application security assessment SaaS solution ImmuniWeb® has successfully obtained CVE and CWE Compatibility certifications from MITRE.
ImmuniWeb® is a unique hybrid of advanced web vulnerabilities scanning combined with manual penetration testing in parallel, distributed as a Software-as-a-Service solution. ImmuniWeb® enables one to assess his or her website security in a fast, reliable, accurate and cost-affordable manner. ImmuniWeb® Portal is a web platform from which customer can manage security assessment process from A to Z, as well as to receive assessment report in a secure manner. It enables even SMBs and private persons who are not familiar with information security to order security assessment of their website in less than 15 minutes.
Mr. Ilia Kolochenko, CEO of High-Tech Bridge, explains the strategy: "CVE and CWE standards have great importance for the information security industry. They significantly facilitate and accelerate communications between security researchers, software vendors and the end-users by bringing one common standard of vulnerability enumeration. The concept of ImmuniWeb® is aimed to make web application security easy, rapid and fair in terms of price/quality ratio. Today businesses have many important priorities and tasks to do, and usually they simply have no time or budget to manage their websites security in appropriate manner. ImmuniWeb® is aimed to solve this problem by enabling the customer not to spend more than 15 minutes on managing website security assessment process - ImmuniWeb® back-office will take care about everything. Being CVE and CWE compatible does not only mean that we thoroughly follow industry best-practices, but that we are trying to make ImmuniWeb® assessment report as practically usable and action-based as possible. Website developers and owners should not waste their time reading complicated technical reports, where many security vendors tend to use their own security jargon and terminology, but receive high-quality, manually verified report that will be easy to read, understand and implement suggested vulnerability remediation without much efforts. In the future we are going to facilitate the process of web application security assessment even more, increasing its quality and efficiency in parallel to be able to detect the most complex and latest web security vulnerabilities and weaknesses."
Mr. Robert A. Martin, Senior Principal Engineer at MITRE and Outreach Lead for the CVE and CWE projects, says: "We are always excited about having the CVE and CWE efforts adopted and used within commercial offerings but it is especially gratifying when it is by companies in other countries and markets, like High-Tech Bridge. Leveraging CVE and CWE in ImmuniWeb clearly makes business sense and it is directly helping their customers improve the speed and directness as they address vulnerabilities and weaknesses that are putting their organization’s at risk."