Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Audits

ImmuniWeb Launches Free Testing Tool for Website Security and PCI Compliance

Swiss-based web security company ImmuniWeb, known until recently as High-Tech Bridge, on Monday announced the availability of a free tool designed for testing websites.

Swiss-based web security company ImmuniWeb, known until recently as High-Tech Bridge, on Monday announced the availability of a free tool designed for testing websites.

The new Website Security Test tool checks sites for PCI DSS compliance (6.2, 6.5 and 6.6 requirements), it analyzes the content management system (CMS), checks the web server and content security policy (CSP), and looks for privacy issues.

Specifically, the tool checks if a web application firewall (WAF) is present, if the CMS and its components are up-to-date, if the JavaScript components are up-to-date, if cookies are properly configured, if web server directory listing is enabled, and if cryptojacking malware is detected.

The tool also looks at HTTP headers related to security, encryption and privacy, and CSPs designed to prevent cross-site scripting (XSS), cross-site request forgery (CSRF), ransomware, and cryptojacking attacks.

Once the test has been completed, a score is calculated and a grade between A+ and F is assigned. Users are also provided a report describing the problems found on the website.

ImmuniWeb free Website Security Test tool

“Initially designed for SMEs and organizations with nascent application security testing programs, large organizations with mature DevSecOps programs can also benefit from the service to quickly run hundreds of daily scans ensuring essential security and compliance of external web applications,” ImmuniWeb said.

Advertisement. Scroll to continue reading.

ImmuniWeb’s solutions allow organizations to discover all their external applications and web services, conduct security and privacy assessments for websites and mobile applications, and continuously monitor security, compliance and integrity of a web application.

The company also offers several other free tools, including for testing the security of mobile applicationsfinding phishing websites, and testing a site’s SSL/TLS security and implementation.

“Our free community offering enables our company to maintain sustainable relations with the community, get valuable feedback and actionable data on the global state of application security. We are excited to see a steadily growing number of users, many of whom later become commercial customers for our ImmuniWeb AI offering,” said Ilia Kolochenko, CEO and founder of ImmuniWeb.

Related: NSA Makes Reverse Engineering Tool Freely Available

Related: Kaspersky Lab Launches New Threat Intelligence Tool

Related: Dragos Acquires NexDefense, Releases Free ICS Assessment Tools

Written By

Eduard Kovacs (@EduardKovacs) is senior managing editor at SecurityWeek. He worked as a high school IT teacher before starting a career in journalism in 2011. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing for the latest cybersecurity threats, trends, and expert insights.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this live webinar as we break down why email-layer defenses alone can't keep pace with the modern phishing ecosystem, how agentic AI is changing the capacity equation for security teams, and more.

Register

This year's summit will help organizations learn how to utilize tools, controls, and design models needed to properly secure cloud environments. Interact with leading solution providers and other end users facing similar challenges in securing a variety of cloud deployments.

Register

People on the Move

Tracey Mustacchio has joined Everfox as Chief Marketing Officer.

Mark Carter has been appointed Chief Information Security Officer at Socure.

Spektrum Labs has named Mark Cravotta Chief Operating Officer.

More People On The Move

Expert Insights

Four decades of incident response experience suggest that exploits are often the symptom, not the root cause, of today’s cybersecurity failures.

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.