ImmuniWeb AI Platform Major Update Q2 2021

News | 28.05.2021

New features and functionalities enhance web and mobile application security testing capabilities, and expand attack surface monitoring and third-party risk management.

After successfully passing our annual ISO 27001 audit by SGS, with 0 minor and 0 major non-conformities, ImmuniWeb is delighted to present new features and improvements of the ImmuniWeb®AI Platform for Q2 2021.

The updates, among other things, make supply chain attack mitigation and agile security testing even easier and faster both for on premise and cloud infrastructure, while taking into consideration Zero Trust Model. Below is a short summary of new features and functionalities available to all our customers and partners at no additional cost starting on May 28, 2021:

  • Improved asset classification and risk scoring for ImmuniWeb Discovery. The update also includes additional asset search and filter capacities, expanded asset history and labeling.
  • Enhanced Dark Web detection capabilities for ImmuniWeb Discovery now include parsing of raw dumps of stolen or exposed data to be presented on the dashboard in a readable and easily exportable manner.
  • Expanded cloud discovery capabilities bring additional detection of cloud instances in AWS and Microsoft Azure ecosystems and reduce the overall detection time.
  • Better phishing and squatting detection for ImmuniWeb Discovery. The ameliorated algorithms now provide more results and minimize false positives in addition to expanded history and logging capacities.
  • MITRE ATT&CK® tactics and techniques inclusion into web and mobile applications penetration testing capacities. At the project creation step, our customers may now simply indicate specific attack scenarios to be performed in addition to the OWASP WSTG and MSTG checks and tests.
  • Expanded privacy audit for web and mobile application penetration testing. This includes various specific requirements and security controls imposed by GDPR, CCPA, HIPAA and other privacy laws and regulations.
  • Review of DoS and DDoS susceptibility for web applications are included into our web penetration testing capacities. The new set of production-safe tests focus on application’s and middleware’s (e.g. load balancers, cloud WAF) configurations to better prevent DoS and resist Distributed DoS attacks.
  • Advanced network misconfiguration testing for mobile app penetration testing capacities of ImmuniWeb MobileSuite. The new checks also include advanced verification of encryption and authentication hardening.
  • Anomaly detection enhances the existing 2FA on the Portal for all customer accounts with active projects by sending instant email alerts when a login takes place from a previously unknown geo location.

Additionally, ImmuniWeb released a major update to the list of compliance and regulatory requirements from around the globe that ImmuniWeb® AI Platform helps to address in a continuous and cost-efficient manner.

We are grateful to all our customers and partners for their trust and valuable input on how to make our award-winning Platform even better and faster. At ImmuniWeb, we work hard to continuously stay ahead of the rapidly evolving cyber threat landscape to ensure continuation of our record growth. More exciting things are coming soon, please stay tuned.

Ilia Kolochenko CEO and Chief Architect at ImmuniWeb