Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Audits

ImmuniWeb Launches Free Testing Tool for Website Security and PCI Compliance

Swiss-based web security company ImmuniWeb, known until recently as High-Tech Bridge, on Monday announced the availability of a free tool designed for testing websites.

Swiss-based web security company ImmuniWeb, known until recently as High-Tech Bridge, on Monday announced the availability of a free tool designed for testing websites.

The new Website Security Test tool checks sites for PCI DSS compliance (6.2, 6.5 and 6.6 requirements), it analyzes the content management system (CMS), checks the web server and content security policy (CSP), and looks for privacy issues.

Specifically, the tool checks if a web application firewall (WAF) is present, if the CMS and its components are up-to-date, if the JavaScript components are up-to-date, if cookies are properly configured, if web server directory listing is enabled, and if cryptojacking malware is detected.

The tool also looks at HTTP headers related to security, encryption and privacy, and CSPs designed to prevent cross-site scripting (XSS), cross-site request forgery (CSRF), ransomware, and cryptojacking attacks.

Once the test has been completed, a score is calculated and a grade between A+ and F is assigned. Users are also provided a report describing the problems found on the website.

ImmuniWeb free Website Security Test tool

“Initially designed for SMEs and organizations with nascent application security testing programs, large organizations with mature DevSecOps programs can also benefit from the service to quickly run hundreds of daily scans ensuring essential security and compliance of external web applications,” ImmuniWeb said.

ImmuniWeb’s solutions allow organizations to discover all their external applications and web services, conduct security and privacy assessments for websites and mobile applications, and continuously monitor security, compliance and integrity of a web application.

The company also offers several other free tools, including for testing the security of mobile applicationsfinding phishing websites, and testing a site’s SSL/TLS security and implementation.

Advertisement. Scroll to continue reading.

“Our free community offering enables our company to maintain sustainable relations with the community, get valuable feedback and actionable data on the global state of application security. We are excited to see a steadily growing number of users, many of whom later become commercial customers for our ImmuniWeb AI offering,” said Ilia Kolochenko, CEO and founder of ImmuniWeb.

Related: NSA Makes Reverse Engineering Tool Freely Available

Related: Kaspersky Lab Launches New Threat Intelligence Tool

Related: Dragos Acquires NexDefense, Releases Free ICS Assessment Tools

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Discover strategies for vendor selection, integration to minimize redundancies, and maximizing ROI from your cybersecurity investments. Gain actionable insights to ensure your stack is ready for tomorrow’s challenges.

Register

Dive into critical topics such as incident response, threat intelligence, and attack surface management. Learn how to align cyber resilience plans with business objectives to reduce potential impacts and secure your organization in an ever-evolving threat landscape.

Register

People on the Move

MorganFranklin Cyber has appointed Keith Hollender as CEO and member of the Board of Directors.

Lisa Banks has been named Chief Financial Officer at Abnormal Security.

Threat detection and response company Trellix has appointed Vishal Rao as its new CEO.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.