ImmuniWeb Launches Free Website Security and PCI DSS Compliance Test

The non-intrusive online test quickly assesses relevant PCI DSS requirements, verifies CMS security and runs a privacy check.

TEL AVIV, Israel--()--ImmuniWeb, a global provider of web, mobile and API security testing and risk ratings, will be showcasing its free new website security test at the OWASP Global AppSec Conference in Tel Aviv on 26-30 May 2019.

The test is initially designed for SMEs and organizations with nascent application security testing programs. Large organizations with mature DevSecOps programs can benefit from the service to quickly run hundreds of scans ensuring essential security and compliance of their external web applications.

The test will:

  • Verify PCI DSS requirements 6.2, 6.5 and 6.6.
  • Fingerprint versions of over 100 most popular CMS, web frameworks and over 165,000 of their plugins.
  • Run a comprehensive vulnerability check for all known vulnerabilities in the fingerprinted software.
  • Check over 20 HTTP headers related to security, encryption or privacy for strong configurations in line with industry best practices, including ones from OWASP.
  • Assess Content Security Policy (CSP) to prevent some XSS and CSRF exploitation vectors, and variations of ransomware and Cryptojacking attacks.

So far, among almost 40 million public websites tested, only 9.74% contain up2date software, 2.07% satisfy the aforementioned PCI DSS requirements, and as few as 2.39% are protected with a WAF.

Ilia Kolochenko, CEO and Founder or ImmuniWeb, says: “Our free community offering enables us to maintain relations with the community, get valuable feedback and actionable data on the state of application security. We’re excited to see a steadily growing number of users, many of whom later become our loyal clients.”

The website security test is also integrated with the freemium ImmuniWeb® Discovery offering based on OSINT technology for non-intrusive discovery of an organization’s external attack surface. ImmuniWeb Discovery quickly builds a comprehensive inventory of organization’s external web, mobile and cloud assets, providing comprehensive asset visibility.

About ImmuniWeb

ImmuniWeb® AI platform leverages its proprietary Multilayer Application Security Testing technology for a rapid, DevSecOps-enabled and cost-effective application penetration testing via ImmuniWeb® On-Demand, Continuous and MobileSuite offerings. ImmuniWeb is a recipient of many prestigious awards and industry recognitions including Gartner Cool Vendor, IDC Innovator and the winner of SC Awards Europe 2018 in “Best Usage of Machine Learning and AI” category.


Ranbir Sahota

Release Summary

ImmuniWeb will be showcasing its free new website security test at the OWASP Global AppSec Conference in Tel Aviv on 26-30 May 2019.


Ranbir Sahota