San Francisco: +1 (415) 635 3784  |  Geneva: +41 (22) 723 2424   |  
ImmuniWeb®: Login | Register
ImmuniWeb® by High-Tech Bridge

Stay in touch

Enter your email and get the latest news and researches on cybersecurity, receive invitations to private security events and conferences.

High-Tech Bridge Security Research

High-Tech Bridge devotes significant internal resources to continuous security research. Some of the security studies we perform are regularly published in our blog. Vulnerabilities that our security researchers discover almost every week, help software vendors to improve security and reliability of their products. Above 300 large vendors fixed security vulnerabilities thanks to High-Tech Bridge Security Research Lab, including Microsoft, IBM, Novell, McAfee, Sony, HP, Samsung, PHP, OpenOffice, Corel, WordPress, Joomla, OpenX, SugarCRM, MantisBT, e107, MODX, Bitrix and many others.

High-Tech Bridge Security Research Lab
532 Security Advisories
335 Vendors
Released Patches
1037 Vulnerabilities

Patch Available Upon Disclosure

2014 Q3 100%
2014 Q2 92%
2014 Q1 94%
2013 Q4 89%
2013 Q3 92%
2013 Q2 100%

Vendor Average Time to Patch

2014 Q3 21 days
2014 Q2 18 days
2014 Q1 12 days
2013 Q4 8 days
2013 Q3 13 days
2013 Q2 30 days
High-Tech Bridge Security Advisories are CVE Compatible High-Tech Bridge Security Advisories CWE Compatibility High-Tech Bridge Security Advisories CVSS Adopters

Security Blog

How to secure the Internet of Things and who should be liable for it? October 6, 2015
How to secure connected devices before it will be too late?

What’s new in CVSSv3 vulnerability scoring system? September 21, 2015
In June 2015 The Forum of Incident Response and Security Teams (FIRST) has announced the availability of version 3 of the Common Vulnerability Scoring System (CVSS). Let's see the changes it brings in comparison to CVSSv2.

Blind Cross-Site Scripting (XSS) attacks in the wild September 15, 2015
One of the recent web application security researches by Gartner mentioned a blind XSS vulnerability, highlighting the importance of web security software to detect such security flaws. Many of us have heard about blind SQL injections, but what is a blind XSS?

Continuous monitoring and web security: Are you competitive with Black Hats? August 28, 2015
Nowadays security companies have to compete not only with other vendors, but also with sophisticated cyber gangs. If you will fail to detect and patch security vulnerabilities in a timely manner – Black Hats will do it for you, but for their own ends.

Web Application Security Testing: SAST, DAST or IAST? August 10, 2015
In this short blog post we will try to understand in quick and simple manner the difference between SAST and DAST testing methodologies, their advantages and disadvantages, as well as utility to combine them from the business point of view.