Turnkey Application Inventory and Security Ratings

ImmuniWeb® Discovery rapidly detects your external web, mobile and cloud assets equipped with asset’s
attractiveness and hackability scores. Based on Big Data and our proprietary
AI technology the entire process is non-intrusive.

ImmuniWeb® Discovery

Rapid Asset Discovery
Rapid Asset Discovery

Comprehensive discovery of your external web and mobile apps, APIs, cloud storage, SSL certificates and domains

Holistic Asset Inventory
Holistic Asset Inventory

Multiuser asset management dashboard
with risk scoring, compliance and
PII tracking features

Security and Risk Ratings
Security and Risk Ratings

Big Data and AI technology provide an actionable score of assets attractiveness
and technical hackability

How It Works

  1. Enter your
    company name
  2. See your external
    attack surface
  3. Get actionable
    security scorings

Illuminate Your External Attack Surface

Outdated Software &
Vulnerable Apps
Expiring Domains &
SSL Certificates
Unprotected APIs &
Cloud Storage
Abandoned & Shadow
Applications
Non-Intrusive Security, Privacy and
Compliance Tests for each Application
Website Security Test
Website Security Test
  • GDPR & PCI DSS Test
  • Website CMS Security Test
  • CSP & HTTP Headers Check
SSL Security Test
SSL Security Test
  • SSL Certificate Test
  • Web Server SSL Test
  • PCI DSS, HIPAA & NIST Test
Phishing Test
Phishing Test
  • Brand Phishing Monitoring
  • Trademark Infringement Monitoring
  • Domain Squatting Monitoring

Helicopter View Visibility of Assets and Risks

Everything Visible

Comprehensive discovery of your
Web, Mobile Apps and APIs

Well-Informed Defense

Holistic application defense
and resilience strategy

Rapid and Non-Intrusive

Just enter your company name
and get the results in an hour

Risk-Adjusted Spending

Actionable compliance and security
ratings for every asset

Actionable Risk Scoring

Big Data and AI to calculate asset
Hackability and Attractiveness

Cloud Under Control

Unprotected Amazon S3 buckets and
other cloud storage detection

ImmuniWeb® Discovery Packages

$49 all included
1 Discovery
  • Non-Intrusive OSINT Technology:
    • SSL Certificates
    • Domains Names
    • Web Applications
    • IoT Web Interfaces
    • Mobile Applications
    • APIs & Web Services
    • Unprotected Cloud Storage
  • Non-Intrusive Software Fingerprinting
  • Website Security Test for each Host
  • SSL Security Test for each Host
  • Phishing Test for each Domain
2 Inventory
  • PII / PHI Tracking
  • Ownership Tracking
  • Compliance Tracking
  • SSL Certificate Expiration Tracking
  • Domain Expiration Tracking
  • Data Import & Export
$499 all included
1 Discovery
  • Non-Intrusive OSINT Technology:
    • SSL Certificates
    • Domains Names
    • Web Applications
    • IoT Web Interfaces
    • Mobile Applications
    • APIs & Web Services
    • Unprotected Cloud Storage
  • Non-Intrusive Software Fingerprinting
  • Website Security Test for each Host
  • SSL Security Test for each Host
  • Phishing Test for each Domain
2 Inventory
  • PII / PHI Tracking
  • Ownership Tracking
  • Compliance Tracking
  • SSL Certificate Expiration Tracking
  • Domain Expiration Tracking
  • Data Import & Export
3 Risk Ratings
  • Hackability Score Based on Big Data and Machine Learning, Hackability score shows how easy a web application can be hacked from a technical point of view. Assigned to all web applications and web services.
  • Attractiveness Score Based on Big Data and Machine Learning, Attractiveness score shows how attractive a web application is for an average cybercrime group. Assigned to all web applications and web services.
Any questions? Contact Sales

Frequently Asked Questions

Discovery package visualizes your external attack surface, while Discovery AI also provides you with actionable risk scoring.

Yes, if there is any mention of them in the Internet. For example, if your developers accidentally leak a URL of your internal application via a public code repository, it will likely be detected.

Yes, you can add as many applications as required at no additional cost. You can also import a list of your applications, we will remove duplicates and add the new ones.

All of the discovered applications will be tested for security, compliance and privacy issues via our non-intrusive website security test and SSL/TLS encryption test. This, however, has nothing to do with application penetration testing we offer via other ImmuniWeb products.

No, the entire process is non-intrusive and is based on OSINT model, leveraging the data publicly accessible or discoverable in the Internet.

Usually you will get everything done within 24 hours, sometimes it may take a bit longer for large companies. You can start a new Discovery right now, just enter your company name and perform a secure online payment. Then your Discovery will start straight away.

You may create as many user accounts as practical with access to your Discovery dashboard at no additional cost.

All the data is securely stored in our ISO 27001 infrastructure in Canada and Switzerland (both recognized by the European Commission as countries providing an adequate level of data protection for the purpose of GDPR). Upon request all data can be securely deleted at any moment.

Once you have your applications properly inventoried, you may proceed to a well-informed and risk-based application penetration testing with other ImmuniWeb products. We are happy to guide you through them at your convenience.

Any other questions? Contact Sales

Testimonials and Customer References

Crédit Agricole next bank (Suisse) SA
eBay Classifieds Group
BDO
Haymarket Media, Inc.
Swissquote Bank SA
University Hospitals of Geneva (HUG)
Celgene
UNIRISC GROUP
SIX Group Services AG
International Telecommunication Union (ITU)
UN
Banca dello Stato del Cantone Ticino
SIM University
Arab Bank (Switzerland) Ltd.
Legal Vision
iPresent
Gartner Peer Insights
Quick Start
Products
Free Trial
Newsletter