UK MCSS Compliance and Application Security

Developed by the UK government and the National Cyber Security Centre (NCSC), the Minimum Cyber Security
Standard (MCSS) provides a minimum set of cybersecurity measures which are mandatory
for the UK government and its departments.

UK Minimum Cyber Security Standard

Section 6 (d)

“To protect digital services, you shall:

I. Ensure the web application is not susceptible to common security vulnerabilities, such as described in the top ten Open Web Application Security Project (OWASP) vulnerabilities.

II. Ensure the underlying infrastructure is secure, including verifying that the hosting environment is maintained securely and that you have appropriately exercised your responsibilities for securely configuring the infrastructure and platform.

III. Protect data in transit using well-configured TLS v1.2.”

ImmuniWeb® Products for UK MCSS Compliance

Application security and compliance starts with visibility. You cannot protect what you don't know. Therefore, we recommend starting UK MCSS with an asset discovery and inventory.

ImmuniWeb® Discovery rapidly detects your external web, mobile and cloud assets equipped with asset’s attractiveness and hackability scores. Based on Big Data and our proprietary AI technology, the entire process is rapid and non-intrusive. Once you have a comprehensive and up2date inventory of your assets, you are ready to start a well-informed and risk-based application security testing.

For one-time security testing of you web applications and APIs, we recommend using ImmuniWeb® On-Demand. For iOS and Android mobile apps and their backend (e.g. API or REST/SOAP web services) we provide all-inclusive testing with ImmuniWeb® MobileSuite.

For most critical applications that directly impact your UK MCSS we offer ImmuniWeb® Continuous for incremental 24/7 testing of any new or updated code.

All ImmuniWeb® products leverage our award-winning Multilayer Application Security Testing and AI technology for intelligent automation and acceleration of Application Security Testing. Driven by human penetration testing, it rapidly detects even the most sophisticated vulnerabilities and comes with a zero false-positives SLA:

ImmuniWeb® Products for UK MCSS Compliance

ImmuniWeb® Discovery
ImmuniWeb® Discovery Application Security Score Card
Web Mobile API Cloud
ImmuniWeb® MobileSuite
ImmuniWeb® MobileSuite One-Time Mobile Audit
Mobile API Cloud
From $1,499
ImmuniWeb® On-Demand
ImmuniWeb® On-Demand One-Time Web Application Audit
Web API Cloud
From $499
ImmuniWeb Continuous
ImmuniWeb® Continuous 24/7 Web Security Testing
Web API Cloud
From $1,199 / month
Quick Start
Free Trial