Community Edition
Total Tests:
This Week:
Today:

Attack Surface Management & Dark Web Monitoring

For self-assessment and third-party risk scoring

ImmuniWeb® Discovery reduces complexity and costs of cybersecurity and compliance with continuous discovery of
your external digital assets and attack surface. Attack Surface Management (ASM) is enhanced with
actionable Security Ratings for your assets and proactive Dark Web monitoring.

How It Works

  1. Enter your
    company name
  2. See what
    hackers see
  3. Prioritize, monitor
    and respond

Frequent Use Cases

Reduce Attack Surface

Detection of shadow, abandoned and
unprotected digital assets

Simplify Compliance

Asset inventory and monitoring
for GDPR, PCI DSS & NIST

Reduce Human Risk

Rapid alerts on exposed code
repositories, cloud and IoT

Outpace Attackers

Dark Web monitoring to timely
react and respond

Secure Open Source

Detection of outdated and vulnerable
Open Source Software

Score Your Partners

M&A, vendors, suppliers & other third-party
security ratings and risk scoring

ImmuniWeb® Discovery in Nutshell

Asset Inventory
24/7
Helicopter view of your attack surface and external digital assets
  • APIs & Web Services
  • Web Applications & Websites
  • Domains & SSL Certificates
  • IoT & Connected Objects
  • Public Code Repositories
  • Cloud & NAS Storage
  • Mobile Applications
  • Mail Servers
Continuous Monitoring
24/7
Production-safe vulnerability and compliance scanning
  • Website Security
  • WAF & CSP Presence
  • Mobile Application Security
  • PCI DSS & GDPR Compliance
  • SSL Encryption & Hardening
  • Software Composition Analysis
  • Expiring Domains & Certificates
  • Malware & Black Lists Presence
  • SPF, DMARC & DKIM Presence
Dark Web Monitoring
24/7
Threat intelligence and proactive data leaks monitoring
  • Stolen Credentials
  • Exposed Documents
  • Leaked Source Code
  • Vulnerability Reports
  • Phishing Websites and Pages
  • Fake Accounts in Social Networks
  • Trademark Infringements
  • Squatted Domain Names
Security Ratings
24/7
Award-winning AI technology for actionable and data-driven risk scoring
86
Hackability Score
Hackability score shows how easy a web application can be hacked from a
technical point of view.
18
Attractiveness Score
Attractiveness score shows how attractive a web application is within your industry for cybercriminals.

Everything Visible. Everything Secure.

ImmuniWeb® Discovery Pricing

Unlimited digital assets
discovery & monitoring

SMB
Biweekly Update
Corporate
Weekly Update
Corporate Pro
Daily Update
Asset Discovery
Including:
  • APIs & Web Services
  • Web Applications & Websites
  • Domains & SSL Certificates
  • IoT & Connected Objects
  • Public Code Repositories
  • Cloud & NAS Storage
  • Mobile Applications
  • Mail Servers
Yes Yes Yes
Continuous Monitoring
Including:
  • Website Security
  • WAF & CSP Presence
  • Mobile Application Security
  • PCI DSS & GDPR Compliance
  • SSL Encryption & Hardening
  • Software Composition Analysis
  • Expiring Domains & Certificates
  • Malware & Black Lists Presence
  • SPF, DMARC & DKIM Presence
Yes Yes Yes
Security Ratings
Including:
  • Hackability Score
  • Attractiveness Score
Yes Yes
Dark Web Monitoring
Including:
  • Stolen Credentials
  • Exposed Documents
  • Leaked Source Code
  • Vulnerability Reports
  • Phishing Websites and Pages
  • Fake Accounts in Social Networks
  • Trademark Infringements
  • Squatted Domain Names
Yes
Get results on
$99 / month
$299 / month
$999 / month
VISA MasterCard American Express Maestro Visa Electron PayPal Bank Transfer

Testimonials and Customer References

Frequently Asked Questions

Subscription for 3, 6 and 12 months is available for rapid purchase via a secure online payment by credit card or PayPal. Payment by a bank wire is likewise available for a yearly subscription.

Yes, ImmuniWeb Discovery is non-intrusive and is based on OSINT model, leveraging the data already accessible or visible in the Internet. Therefore, you can use it for Security Ratings Services (SRS) to rapidly scorecard your suppliers, vendors and other third-parties including parties to M&A transactions.

Yes, at any time you can add supplementary websites or mobile apps belonging to the same brand. You can also import a list of such web applications, we will automatically remove duplicates adding only the new ones.

Yes, if there are any mentions of them in the Internet. For example, if your developers accidentally leak a URL of your internal application via a public code repository (e.g. GitHub), it will likely be detected and brought to your attention.

We have an automated, OSINT-based technology to monitor all publicly accessible .onion websites, web resources, IRC channels, Pastebin and other data sharing websites, Telegram chats and other social networks for sensitive data related or belonging to your company.

No, ImmuniWeb Discovery ensures a holistic visibility of your external IT assets, continuous web security and compliance monitoring, and surveillance of data leaks and mentions on Dark Web. For business-critical applications we recommend more in-depth ImmuniWeb penetration testing offering.

No, the testing process is production-safe and non-intrusive, no action is required from your side.

We provide 24/7 access to our ticketing system for technical and business questions you may have.

Yes, you can download the data from the dashboard via our API.

Gartner Peer Insights Recommends

Gartner Peer Insights
Ask a Question