Can I integrate Neuron into my CI/CD pipeline?

Yes, you can integrate Neuron with majority of on-premise and cloud-based CI/CD pipelines. You can also use our API to automatically manage scans.

How often can I scan my web applications?

Neuron is a subscription-based service. While your target’s scan period is active, you can run unlimited number of scans of your application.

What is the difference between Annual and Monthly Scan Subscriptions?

Annual Scan Subscription allows to scan any added target for as long as you have access to the dashboard. Monthly Scan Subscription allows to scan any added target for 1 month only.

ImmuniWeb® Neuron | Premium Web Application Security Scanning

Outperform Traditional Vulnerability Scanning

Capacities	ImmuniWeb® Neuron	Traditional Web Security Scanning
Web, API & Cloud Testing
Coverage of OWASP Top 10
Intelligent Crawling with AI Technology
Intelligent Fuzzing with AI Technology
Intelligent Exploitation with AI Technology
Zero False-Positives SLA for Each Scan
24/7 Assistance with Remediation
Compliance-Ready Reports

Traditional Web
Security Scanning

Prevention is Better Than Incident Response. Get Started

Buy Now Get a Demo

Centralized Scan Management and Multiuser Dashboard

CI/CD and DevSecOps Native

See All Integrations

Web Security Scanning That Works Everywhere

APIs & Web Services

Find security flaws in your
microservices and APIs

Single Page Apps

Detect vulnerabilities in
SPA and Ajax apps

Cloud-Native Apps

Test your full web stack on AWS, Azure, or GCP.

Internal & External Web Apps

Test your internal apps and APIs with
our Virtual Appliance technology

Authenticated Scans

Run authenticated multiuser scans
with fully supported SSO & MFA

Buy Now Get a Demo

ImmuniWeb^® Neuron [PDF]

Maximize Detection Rate. Meet Compliance Requirements.

A1: Broken Access Control
A2: Cryptographic Failures
A3: Injection
A4: Insecure Design
A5: Security Misconfiguration
A6: Vulnerable and Outdated Components
A7: Identification and Authentication Failures
A8: Software and Data Integrity Failures
A9: Security Logging and Monitoring Failures
A10: Server-Side Request Forgery

API1: Broken Object Level Authorization
API2: Broken Authentication
API3: Broken Object Property Level Authorization
API4: Unrestricted Resource Consumption
API5: Broken Function Level Authorization
API6: Unrestricted Access to Sensitive Business Flows
API7: Server Side Request Forgery
API8: Security Misconfiguration
API9: Improper Inventory Management
API10: Unsafe Consumption of APIs

Compliance-Ready Web Vulnerability Scanning

Cybersecurity, Data Protection and Privacy Regulations

EU DORA, NIS 2 & GDPR

Helps fulfil scanning requirements
under EU laws & regulations

US HIPAA, NYSDFS & NIST SP 800-171

Helps fulfil scanning requirements
under US laws & frameworks

PCI DSS, ISO 27001, SOC 2 & CIS Controls®

Helps fulfil scanning requirements
under the industry standards

Europe
North & South America
Middle East & Africa
Asia Pacific

Europe

EU GDPR

EU DORA

EU NIS 2

EU Cyber Resilience Act

EU AI Act

EU ePrivacy Directive

UK GDPR

Swiss FADP

Swiss FINMA Circular 2023/1

Global

ISO 27001:2022

NIST Cybersecurity Framework (2.0)

NIST SP 800-171 (Rev. 3)

NIST SP 800-53 (Rev. 5)

PCI DSS (4.0.1)

North & South America

Brazil Data Protection Law LGPD

California CCPA

Canada PIPEDA

New York DFS Cybersecurity Regulation

New York SHIELD Act

US FTC Safeguards Rule

US HIPAA

Global

ISO 27001:2022

NIST Cybersecurity Framework (2.0)

NIST SP 800-171 (Rev. 3)

NIST SP 800-53 (Rev. 5)

PCI DSS (4.0.1)

Middle East & Africa

Qatar Personal Data Privacy Protection Law

Saudi Arabia Personal Data Protection Law

Saudi Arabian Monetary Authority Cyber Security Framework (1.0)

South Africa Protection of Personal Information Act

UAE Information Assurance Regulation (1.1)

UAE Personal Data Protection Law

Global

ISO 27001:2022

NIST Cybersecurity Framework (2.0)

NIST SP 800-171 (Rev. 3)

NIST SP 800-53 (Rev. 5)

PCI DSS (4.0.1)

Asia Pacific

Australia Privacy Act

Hong Kong Personal Data Privacy Ordinance

India Digital Personal Data Protection Act

Japan Act on the Protection of Personal Information

Singapore Personal Data Protection Act

Global

ISO 27001:2022

NIST Cybersecurity Framework (2.0)

NIST SP 800-171 (Rev. 3)

NIST SP 800-53 (Rev. 5)

PCI DSS (4.0.1)

ImmuniWeb^® Neuron Deliverables

Premium Web Application Security Scanning

Web Security Scanning

Full Scan Customization
AI-Powered Vulnerability Detection
Authenticated Scans (SSO/MFA)
Patch Verification Scans
Web Security Scanning:
- AI-Based Fuzzing
- OWASP Top 10 Vulnerabilities
- OWASP Top 10 API Vulnerabilities
- Software Composition Analysis (SCA)
- Insecure HTTP Headers
- SSL/TLS Weaknesses
API Security Scanning
API Schema Support (Postman, Swagger, etc.)
Known Web Vulnerabilities Scanning:
- WordPress & 400+ Other Popular CMSs
- 150,000+ CMS Plugins & Themes
- 12,000+ JavaScript Libraries
- 10,000+ Known CVE-IDs
Open Source Software Security Ratings
Detection of AI-Related Vulnerabilities
Detection of Vibe-Coding Flaws

Reporting

Zero False-Positives SLA Money-Back Guarantee

Contractual money-back guarantee for one single false positive.
Risk-Based Prioritization of Findings
Simple Instructions to Reproduce Findings
Web, PDF, JSON, XML and CSV Reports
Friendly Remediation Guidelines
Screenshots and Raw HTTP Data
Consolidated View of All Scans
CVE and CWE Mapping
CVSSv4 Scoring

Remediation

24/7 Expert Assistance 30 Languages
Patch Verification Scan Mode
RBAC Scan Management Dashboard
Seamless DevSecOps Integration
Unlimited Dashboard Users
Turnkey CI/CD Automation
Simple Scan Scheduling
Recurrent Scans
Email Alerts

ImmuniWeb^® Neuron Pricing

Premium Web Application Security Scanning

	Annual Scan Subscription	Monthly Scan Subscription
Price per Target (FQDN) If your web application remains the same but changes its Fully Qualified Domain Name (FQDN), you will not need to use another target keeping your costs under control.	595 EUR	395 EUR
Number of Scans per Target You can easily run your scans in a scheduled or manual mode, as well as automatically launch scanning via your CI/CD pipeline.	Unlimited	Unlimited
Discount for Penetration Testing Enjoy a discount for any ImmuniWeb penetration testing products (On-Demand and MobileSuite) during the entire duration of your subscription.	15%	5%
Dashboard Ready Your dashboard will be available on this date (if you purchase today).	Today	Today

Prevention is Better Than Incident Response. Get Started.

Instant Online Purchase

All Product Benefits
Secure Online Purchase
Zero Paperwork
Instant Start

Buy Now

Expert-Guided Purchase

Customizable Packages
Volume & Industry Discounts
Flexible Payment Terms
Personal Manager

Get in Touch

All payments can be made via
a bank wire or secure online payment

ImmuniWeb^® Neuron [PDF]

They Already Started

After many years using the same EASM, the attention of the engineers went down and it was clear we needed a new tool. After we heard extremely good feedback around Immuniweb from our peers, we decided to give it a go. Immuniweb's approach is different and very detailed in the vulnerabilities it finds, giving our engineers some new things to fix and renewed interest. After one year, we are quite pleased with the product and renewed it. I would also give a shout-out to the support which is answering / helping extremely fast. So - do like us, give it a try!

Olivier Martinet
Group CISO TX Group

ImmuniWeb is an efficient and very easy-to-use solution that combines automatic and human tests. The results are complete, straightforward and easy to understand. It’s an essential tool for the development of the new digital activities

Didier Ramella
CISO

ImmuniWeb is a great innovative service that brings unbeatable ROI. It is undoubtedly the best way to quickly and easily guarantee your customers that their data is safe with you - and yours too by the way! Efficient and effective!

Jean-Michel Beylard-Ozeroff
Head of IT

ImmuniWeb is an invaluable tool for iPresent with both automated and manual penetration testing. The fantastic manual testing has found even the most hidden and complicated bugs in our security and ImmuniWeb has delivered first class knowledge. The self-service interface also gives us great control to schedule and monitor tests when we need them

Neil Bostrom
Chief Technical Officer

ImmuniWeb is the best and simplest way to secure your business online. It's really fantastic experience to get report with zero false positive with detailed actions how to resolve problems and remove vulnerabilities. I think ImmuniWeb is definitely the best alternative to pen testers. As well as a way to save on staff and other costs. I am glad that I can get it all without any hidden costs and without complicated licensing schemes

Nika Vachridze
Senior Information Security Officer

ImmuniWeb provides accurate assessment on the security posture of our cloud-based applications. The report provided is concise and easy to read with sound advisories on the necessary steps to fix the issues. What impressed me most was that no false positive was listed and the vulnerabilities are real. ImmuniWeb certainly gives us the right level of assurance that our cloud-based applications are safe and "good-to-go" before we deploy them out to production

Lee Chye Seng
Director, Learning Systems and Applications

We believe ImmuniWeb platform would definitely address the common weaknesses seen in manual assessments. The AI-assisted platform not only automates the assessments, but also, executes them in a continuous, consistent and reliable fashion. Admittedly, the platform would definitely add quick wins and great ROI to its customers on their investment.

Abuhaneefa Fayaz
Information Security Officer

Quality. Simplicity. Speed.

Zero False-Positives SLA

AI-Enhanced Testing

24/7 Expert Assistance

Top-Notch Reports

DevSecOps Native

Instant Start

How it works

Trusted by 1,000+ Enterprise Customers

Outperform Traditional Vulnerability Scanning

Prevention is Better Than Incident Response. Get Started

Centralized Scan Management and Multiuser Dashboard

CI/CD and DevSecOps Native