ImmuniWeb® Continuous

ImmuniWeb® Continuous leverages our proprietary Multilayer Application Security Testing and application change detection technologies for ongoing, DevSecOps-enabled web penetration testing. It combines our award-
winning
Machine Learning and AI technology with manual testing of new or updated code.

Continuous Web Security Monitoring

24/7 Change Monitoring

Instant detection and testing of new or updated code deployed to your web applications or API.

Comprehensive Change Testing

Full coverage of OWASP Testing Guide, including API and business logic testing.

Accurate Reporting

Zero false-positives SLA for every project and actionable remediation guidelines.

DevSecOps Tailored

24/7 technical support, patch verification, integration with WAF, SDLC and CI/CD tools.

How It Works
1 Pick a group of
web applications
2 Customize your
testing & reporting
3 Get 24/7 instant
security alerts

Standards & Methodologies

We leverage in-house application security testing methodologies in combination with:

  • OWASP Testing Guide
  • NIST SP 800-115 Technical Guide to Information Security Testing and Assessment
  • PCI DSS Information Supplement: Penetration Testing Guidance
  • FedRAMP Penetration Test Guidance
  • ISACA’s How to Audit GDPR

We follow international standards to report security vulnerabilities:

  • Common Vulnerabilities and Exposures (CVE) Compatible
  • Common Weakness Enumeration (CWE) Compatible
  • Common Vulnerability Scoring System (CVSSv3)

Vulnerability Coverage Datasheet

  • Injection Flaws

  • Any other "High" Risk Vulnerabilities

  • Buffer Overflows

  • Cross-Site Scripting (XSS)

  • Insecure Cryptographic Storage

  • Improper Access Control

  • Insecure Communications

  • Cross-Site Request Forgery (CSRF)

  • Improper Error Handling

  • Broken Authentication and Session Management

ImmuniWeb® Continuous Packages

This package best suits applications of:
Size
Complexity
Criticality
Fixed price: $2,299 per month
Equivalent of
2.5 days of traditional
web penetration
testing
1 24/7 Change Detection
  • Rapid detection of new code
  • Rapid detection of updated code
  • Instant testing of the detected changes
2 24/7 Change Testing
  • Suits to test several URLs
  • Multilayer Application Security Testing:
    • DAST, IAST and SCA elastic scanning
    • Machine Learning to accelerate testing
    • AI to reduce required human testing time
    • Human testing of complicated vulnerabilities
  • Threat-aware testing scenarios
  • Full customization of testing
  • Authenticated testing
  • 2FA & SSO support
3 Reporting
  • Zero False-Positives SLA
  • Threat-Aware Risk Scoring
  • Tailored Remediation Guidelines
  • Web Interface, PDF and XML Formats
  • PCI DSS and GDPR compliances
  • CVE, CWE and CVSSv3 scores
4 DevSecOps
  • Multirole Dashboard
  • 24/7 Technical Support
  • Instant Alerts on New Vulnerabilities:
    • SMS
    • Email
    • Phone
  • One-Click Virtual Patching via WAF
  • Unlimited Patch Verification
  • Vulnerability Data Export
Which package do I need? Please use our free Package Selector or request a demo for a guided tour and personalized quote.
How packages are different? By the increasing investment of human time and number of scanning nodes required to deliver a comprehensive testing.
What if I order a smaller package? We may have insufficient time to detect all sophisticated vulnerabilities and explore advanced attack vectors.
What is a traditional penetration test day equivalent? A quality and reliability benchmark of our multilayer application security testing technology.
This package best suits applications of:
Size
Complexity
Criticality
Fixed price: $1,199 per month
Equivalent of
1 day of traditional
web penetration
testing
1 24/7 Changes Detection
  • Rapid detection of new code
  • Rapid detection of updated code
  • Instant testing of the detected changes
2 24/7 Change Testing
  • Suits to test several URLs
  • Multilayer Application Security Testing:
    • DAST, IAST and SCA elastic scanning
    • Machine Learning to accelerate testing
    • AI to reduce required human testing time
    • Human testing of complicated vulnerabilities
  • Threat-aware testing scenarios
  • Full customization of testing
  • Authenticated testing
  • 2FA & OAuth support
3 Reporting
  • Zero False-Positives SLA
  • Threat-Aware Risk Scoring
  • Tailored Remediation Guidelines
  • Web Interface, PDF and XML Formats
  • PCI DSS and GDPR compliances
  • CVE, CWE and CVSSv3 scores
4 DevSecOps
  • Multirole Dashboard
  • 24/7 Technical Support
  • Instant Alerts on New Vulnerabilities:
    • SMS
    • Email
    • Phone
  • One-Click Virtual Patching via WAF
  • Unlimited Patch Verification
  • Vulnerability Data Export
Which package do I need? Please use our free Package Selector or request a demo for a guided tour and personalized quote.
How packages are different? By the increasing investment of human time and number of scanning nodes required to deliver a comprehensive testing.
What if I order a smaller package? We may have insufficient time to detect all sophisticated vulnerabilities and explore advanced attack vectors.
What is a traditional penetration test day equivalent? A quality and reliability benchmark of our multilayer application security testing technology.
This package best suits applications of:
Size
Complexity
Criticality
Fixed price: $5,199 per month
Equivalent of
5 days of traditional
web penetration
testing
1 24/7 Changes Detection
  • Rapid detection of new code
  • Rapid detection of updated code
  • Instant testing of the detected changes
2 24/7 Change Testing
  • Suits to test several URLs
  • Multilayer Application Security Testing:
    • DAST, IAST and SCA elastic scanning
    • Machine Learning to accelerate testing
    • AI to reduce required human testing time
    • Human testing of complicated vulnerabilities
  • Threat-aware testing scenarios
  • Full customization of testing
  • Authenticated testing
  • 2FA & OAuth support
3 Reporting
  • Zero False-Positives SLA
  • Threat-Aware Risk Scoring
  • Tailored Remediation Guidelines
  • Web Interface, PDF and XML Formats
  • PCI DSS and GDPR compliances
  • CVE, CWE and CVSSv3 scores
4 DevSecOps
  • Multirole Dashboard
  • 24/7 Technical Support
  • Instant Alerts on New Vulnerabilities:
    • SMS
    • Email
    • Phone
  • One-Click Virtual Patching via WAF
  • Unlimited Patch Verification
  • Vulnerability Data Export
Which package do I need? Please use our free Package Selector or request a demo for a guided tour and personalized quote.
How packages are different? By the increasing investment of human time and number of scanning nodes required to deliver a comprehensive testing.
What if I order a smaller package? We may have insufficient time to detect all sophisticated vulnerabilities and explore advanced attack vectors.
What is a traditional penetration test day equivalent? A quality and reliability benchmark of our multilayer application security testing technology.
This package best suits applications of:
Size
Complexity
Criticality
Fixed price: $8,699 per month
Equivalent of
10 days of traditional
web penetration
testing
1 24/7 Changes Detection
  • Rapid detection of new code
  • Rapid detection of updated code
  • Instant testing of the detected changes
2 24/7 Change Testing
  • Suits to test several URLs
  • Multilayer Application Security Testing:
    • DAST, IAST and SCA elastic scanning
    • Machine Learning to accelerate testing
    • AI to reduce required human testing time
    • Human testing of complicated vulnerabilities
  • Threat-aware testing scenarios
  • Full customization of testing
  • Authenticated testing
  • 2FA & OAuth support
3 Reporting
  • Zero False-Positives SLA
  • Threat-Aware Risk Scoring
  • Tailored Remediation Guidelines
  • Web Interface, PDF and XML Formats
  • PCI DSS and GDPR compliances
  • CVE, CWE and CVSSv3 scores
4 DevSecOps
  • Multirole Dashboard
  • 24/7 Technical Support
  • Instant Alerts on New Vulnerabilities:
    • SMS
    • Email
    • Phone
  • One-Click Virtual Patching via WAF
  • Unlimited Patch Verification
  • Vulnerability Data Export
Which package do I need? Please use our free Package Selector or request a demo for a guided tour and personalized quote.
How packages are different? By the increasing investment of human time and number of scanning nodes required to deliver a comprehensive testing.
What if I order a smaller package? We may have insufficient time to detect all sophisticated vulnerabilities and explore advanced attack vectors.
What is a traditional penetration test day equivalent? A quality and reliability benchmark of our multilayer application security testing technology.

Developers Environment

Web Application Firewalls

Testimonials and Customer References

Crédit Agricole next bank (Suisse) SA
eBay Classifieds Group
Banca dello Stato del Cantone Ticino
Haymarket Media, Inc.
Swissquote Bank SA
University Hospitals of Geneva (HUG)
Celgene
UNIRISC GROUP
SIX Group Services AG
International Telecommunication Union (ITU)
UN
Manor AG
SIM University
Arab Bank (Switzerland) Ltd.
Legal Vision
iPresent
Gartner Peer Insights
Quick Start
Technology
Products
Free Trial