Security Experts:

Connect with us

Hi, what are you looking for?



ImmuniWeb Launches Free Testing Tool for Website Security and PCI Compliance

Swiss-based web security company ImmuniWeb, known until recently as High-Tech Bridge, on Monday announced the availability of a free tool designed for testing websites.

Swiss-based web security company ImmuniWeb, known until recently as High-Tech Bridge, on Monday announced the availability of a free tool designed for testing websites.

The new Website Security Test tool checks sites for PCI DSS compliance (6.2, 6.5 and 6.6 requirements), it analyzes the content management system (CMS), checks the web server and content security policy (CSP), and looks for privacy issues.

Specifically, the tool checks if a web application firewall (WAF) is present, if the CMS and its components are up-to-date, if the JavaScript components are up-to-date, if cookies are properly configured, if web server directory listing is enabled, and if cryptojacking malware is detected.

The tool also looks at HTTP headers related to security, encryption and privacy, and CSPs designed to prevent cross-site scripting (XSS), cross-site request forgery (CSRF), ransomware, and cryptojacking attacks.

Once the test has been completed, a score is calculated and a grade between A+ and F is assigned. Users are also provided a report describing the problems found on the website.

ImmuniWeb free Website Security Test tool

“Initially designed for SMEs and organizations with nascent application security testing programs, large organizations with mature DevSecOps programs can also benefit from the service to quickly run hundreds of daily scans ensuring essential security and compliance of external web applications,” ImmuniWeb said.

ImmuniWeb’s solutions allow organizations to discover all their external applications and web services, conduct security and privacy assessments for websites and mobile applications, and continuously monitor security, compliance and integrity of a web application.

The company also offers several other free tools, including for testing the security of mobile applicationsfinding phishing websites, and testing a site’s SSL/TLS security and implementation.

“Our free community offering enables our company to maintain sustainable relations with the community, get valuable feedback and actionable data on the global state of application security. We are excited to see a steadily growing number of users, many of whom later become commercial customers for our ImmuniWeb AI offering,” said Ilia Kolochenko, CEO and founder of ImmuniWeb.

Related: NSA Makes Reverse Engineering Tool Freely Available

Related: Kaspersky Lab Launches New Threat Intelligence Tool

Related: Dragos Acquires NexDefense, Releases Free ICS Assessment Tools

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

CISO Strategy

Cybersecurity-related risk is a top concern, so boards need to know they have the proper oversight in place. Even as first-timers, successful CISOs make...

Management & Strategy

Industry professionals comment on the recent disruption of the Hive ransomware operation and its hacking by law enforcement.

Cloud Security

VMware vRealize Log Insight vulnerability allows an unauthenticated attacker to take full control of a target system.

IoT Security

Lexmark warns of a remote code execution (RCE) vulnerability impacting over 120 printer models, for which PoC code has been published.

Management & Strategy

Tens of cybersecurity companies have announced cutting staff over the past year, in some cases significant portions of their global workforce.

Management & Strategy

SecurityWeek examines how a layoff-induced influx of experienced professionals into the job seeker market is affecting or might affect, the skills gap and recruitment...

Mobile & Wireless

Apple rolled out iOS 16.3 and macOS Ventura 13.2 to cover serious security vulnerabilities.