Story image

Search and destroy: Secure your web apps with zero false-positives

20 Aug 18

Every business uses a number of applications on any given day to keep their business alive – but those applications come with risks. Security issues that aren’t swiftly dealt with could kill a business, but it can be overwhelming when trying to find the right way to approach the problem.

Application security testing is becoming even better than it was five years ago, thanks to advances in artificial intelligence and machine learning technologies. One of the companies that is leading the way in AI and machine learning for application security testing is High-Tech Bridge.

These technologies enable intelligent automation and acceleration of application security testing, which is complemented by scalable, manual testing. Combined, automation and human intelligence result in the ultimate web application and micro-service testing.

High-Tech Bridge’s ImmuniWeb AI platform features intelligent vulnerability scanning and intelligent penetration testing, all manageable through one customer dashboard tailored for DevSecOps and CI/CD needs.

ImmuniWeb AI contains six products that can be operated separately or jointly, providing web and mobile application security testing services, such as DAST, SAST, IAST and SCA. A freemimum offering of ImmuniWeb Discovery builds you a comprehensive inventory of all your external web applications, domains, SSL certificates, unprotected cloud storage (e.g. Amazon S3 buckets), web-based APIs and micro services.

ImmuniWeb On-Demand is a perfect choice for one- time application security and privacy testing. All it takes is five steps after you register: Configure an assessment, select a package that suits best, and pay, schedule the assessment, and finally download the report.

ImmuniWeb On-Demand AST provides features tailed to your organisation’s size, whether it’s a small business or a corporate enterprise. Those features include penetration testing, vulnerability scanning, unlimited patch verification, and zero false-positives SLA.

Let’s look at that last point: zero-false positives SLA. One of the issues with a lot of security tests is that false-positives can occur, putting security teams on the offensive for no good reason.

High-Tech Bridge has mastered its testing so that there are zero false-positives. And if for some reason there is a single false-positive, customers get their money back.

With false-positives out of the way, businesses will want to know exactly what the real vulnerabilities are, without wading through hard-to-understand reports.

When you create a new project within ImmuniWeb On-Demand AST, the platform analyses the application and automatically produces an easy-to-read assessment report that provides an overall view of vulnerabilities and their risk levels (for example, low risk through to critical risk), known web application vulnerabilities, and much more.

The dashboard also provides easy access to vulnerability data, which businesses can download for further analysis.  Invoices are also accessible through the dashboard.

All of this is also available in free demo assessments and report samples, so you can get an idea of what your report might look like before conducting an assessment on your own website.

ImmuniWeb On-Demand AST brings together everything you could want in an application security test. AI-enabled testing, intelligent vulnerability scanning, and easy-to read reports that businesses can use to take action and protect their business.

To get hands-on with High-Tech Bridge's ImmuniWeb platform, click here for more details.

ForeScout acquires OT security company SecurityMatters for US$113mil
Recent cyberattacks, such as WannaCry, NotPetya and Triton, demonstrated how vulnerable OT networks can result in significant business disruption and financial loss.
'DerpTrolling’ faces jail time for Sony DoS attacks
A United States federal court has charged a 23-year-old man for the hacks on Sony Online Entertainment and other major companies back in 2014.
Dropbox strengthens security with raft of new partnerships
Integrations will keep customer content protected and secure with tools for controlling identity access, governing data, and managing devices.
Companies swamped by critical vulnerabilities – Tenable
Research has found enterprises identify 870 unique vulnerabilities on internal systems every day, on average, with over 100 of them being critical.
Exclusive: Okta’s new GM shares its APAC strategy
“We believe that partnering with systems integrators, independent software vendors and consulting companies is a key factor of success for Okta.”
Three access management trends making waves in APAC
Consumer identity proofing, authentication, and authorisation will top the $37 billion value mark by 2023.
Combatting the rise of Cybercrime-as-a-Service
Amateur cybercriminals (or anyone with a grudge), can execute spam attacks, steal people’s identities, and more. 
ThreatQuotient partners with Visa for payments safety
“Cyber criminals are reusing tactics, techniques and procedures, leaving a recognisable trail of breadcrumbs and insights into the very attacks they are launching.”