Swiss-based web security company ImmuniWeb, known until recently as High-Tech Bridge, on Monday announced the availability of a free tool designed for testing websites.
The new Website Security Test tool checks sites for PCI DSS compliance (6.2, 6.5 and 6.6 requirements), it analyzes the content management system (CMS), checks the web server and content security policy (CSP), and looks for privacy issues.
The tool also looks at HTTP headers related to security, encryption and privacy, and CSPs designed to prevent cross-site scripting (XSS), cross-site request forgery (CSRF), ransomware, and cryptojacking attacks.
Once the test has been completed, a score is calculated and a grade between A+ and F is assigned. Users are also provided a report describing the problems found on the website.
“Initially designed for SMEs and organizations with nascent application security testing programs, large organizations with mature DevSecOps programs can also benefit from the service to quickly run hundreds of daily scans ensuring essential security and compliance of external web applications,” ImmuniWeb said.
ImmuniWeb’s solutions allow organizations to discover all their external applications and web services, conduct security and privacy assessments for websites and mobile applications, and continuously monitor security, compliance and integrity of a web application.
“Our free community offering enables our company to maintain sustainable relations with the community, get valuable feedback and actionable data on the global state of application security. We are excited to see a steadily growing number of users, many of whom later become commercial customers for our ImmuniWeb AI offering,” said Ilia Kolochenko, CEO and founder of ImmuniWeb.