Can I integrate Neuron into my CI/CD pipeline?

Yes, you can integrate Neuron with majority of on-premise and cloud-based CI/CD pipelines. You can also use our API to automatically manage scans.

How often can I scan my web applications?

Neuron is a subscription-based service. While your target’s scan period is active, you can run unlimited number of scans of your application.

What is the difference between Annual and Monthly Scan Subscriptions?

Annual Scan Subscription allows to scan any added target for as long as you have access to the dashboard. Monthly Scan Subscription allows to scan any added target for 1 month only.

ImmuniWeb^® AI Platform ProductsNeuron

ImmuniWeb^® Neuron
Premium Web Application Security Scanning

ImmuniWeb^® Neuron leverages the power of Machine Learning and AI to take automated web vulnerability
scanning to the next level. It detects more vulnerabilities compared to traditional web security scanners,
provides risk-based scoring and remediation guidelines, and has a zero false-positives SLA.

Quality. Simplicity. Speed.

Zero False-Positives SLA

Money-Back Guarantee for
a single false positive

AI-Enhanced Testing

Deep Learning AI engine detects
more vulnerabilities

24/7 Expert Assistance

Vulnerability remediation help
for your software developers

Top-Notch Reports

Zero noise, working exploits,
risk-based scoring

DevSecOps Native

Full automation of testing and
CI/CD pipeline integrations

Instant Start

Secure online payment to instantly
start using the product

How it works

Just add your targets
and select scan mode
Run instant or scheduled
security scanning
Get help with patching and
re-scan to validate the fix

Buy Now Get a Demo

Download Platform Presentation

Trusted by 1,000+ Global Customers

After many years using the same EASM, the attention of the engineers went down and it was clear we needed a new tool. After we heard extremely good feedback around Immuniweb from our peers, we decided to give it a go. Immuniweb's approach is different and very detailed in the vulnerabilities it finds, giving our engineers some new things to fix and renewed interest. After one year, we are quite pleased with the product and renewed it. I woud also give a shot-out to the support which is answering / helping extremely fast. So - do like us, give it a try!

Olivier Martinet
Group CISO TX Group

ImmuniWeb is the best and simplest way to secure your business online. It's really fantastic experience to get report with zero false positive with detailed actions how to resolve problems and remove vulnerabilities. I think ImmuniWeb is definitely the best alternative to pen testers. As well as a way to save on staff and other costs. I am glad that I can get it all without any hidden costs and without complicated licensing schemes

Nika Vachridze
Senior Information Security Officer

ImmuniWeb is a great innovative service that brings unbeatable ROI. It is undoubtedly the best way to quickly and easily guarantee your customers that their data is safe with you - and yours too by the way! Efficient and effective!

Jean-Michel Beylard-Ozeroff
Head of IT

We believe ImmuniWeb platform would definitely address the common weaknesses seen in manual assessments. The AI-assisted platform not only automates the assessments, but also, executes them in a continuous, consistent and reliable fashion. Admittedly, the platform would definitely add quick wins and great ROI to its customers on their investment.

Abuhaneefa Fayaz
Information Security Officer

ImmuniWeb provides accurate assessment on the security posture of our cloud-based applications. The report provided is concise and easy to read with sound advisories on the necessary steps to fix the issues. What impressed me most was that no false positive was listed and the vulnerabilities are real. ImmuniWeb certainly gives us the right level of assurance that our cloud-based applications are safe and "good-to-go" before we deploy them out to production

Lee Chye Seng
Director, Learning Systems and Applications

ImmuniWeb is an invaluable tool for iPresent with both automated and manual penetration testing. The fantastic manual testing has found even the most hidden and complicated bugs in our security and ImmuniWeb has delivered first class knowledge. The self-service interface also gives us great control to schedule and monitor tests when we need them

Neil Bostrom
Chief Technical Officer

ImmuniWeb is an efficient and very easy-to-use solution that combines automatic and human tests. The results are complete, straightforward and easy to understand. It’s an essential tool for the development of the new digital activities

Didier Ramella
CISO

Outperform Traditional Vulnerability Scanning

Capacities	ImmuniWeb® Neuron	Traditional Web Security Scanning
Web, API & Cloud Testing
Coverage of OWASP Top 10
Intelligent Crawling with AI Technology
Intelligent Fuzzing with AI Technology
Intelligent Exploitation with AI Technology
Zero False-Positives SLA for Each Scan
24/7 Assistance with Remediation
Compliance-Ready Reports

Traditional Web
Security Scanning

Buy Now Get a Demo

Centralized Scan Management and Multiuser Dashboard

CI/CD and DevSecOps Native

See All Integrations

Web Security Scanning That Works Everywhere

APIs & Web Services

Find security flaws in your
microservices and APIs

Single Page Apps

Detect vulnerabilities in
SPA and Ajax apps

Cloud-Native Apps

Test your full web stack at
AWS, Azure or GCP

Internal & External Web Apps

Test your internal apps and APIs with
our Virtual Appliance technology

Authenticated Scans

Run authenticated multiuser scans
with fully supported SSO & MFA

Buy Now Get a Demo

Download Platform Presentation

Maximize Detection Rate. Meet Compliance Requirements.

A1: Broken Access Control
A2: Cryptographic Failures
A3: Injection
A4: Insecure Design
A5: Security Misconfiguration
A6: Vulnerable and Outdated Components
A7: Identification and Authentication Failures
A8: Software and Data Integrity Failures
A9: Security Logging and Monitoring Failures
A10: Server-Side Request Forgery

API1: Broken Object Level Authorization
API2: Broken Authentication
API3: Broken Object Property Level Authorization
API4: Unrestricted Resource Consumption
API5: Broken Function Level Authorization
API6: Unrestricted Access to Sensitive Business Flows
API7: Server Side Request Forgery
API8: Security Misconfiguration
API9: Improper Inventory Management
API10: Unsafe Consumption of APIs

Compliance-Ready Web Vulnerability Scanning

Data Protection, Privacy and Incident Response

EU DORA, NIS 2 & GDPR

Helps fulfil scanning requirements
under EU laws & regulations

US HIPAA, NYSDFS & NIST SP 800-171

Helps fulfil scanning requirements
under US laws & frameworks

PCI DSS, ISO 27001, SOC 2 & CIS Controls®

Helps fulfil scanning requirements
under the industry standards

Europe
North & South America
Middle East & Africa
Asia Pacific

Europe

EU GDPR

EU DORA

EU NIS 2

EU Cyber Resilience Act

EU AI Act

EU ePrivacy Directive

UK GDPR

Swiss FADP

Swiss FINMA Circular 2023/1

Global

ISO 27001:2022

NIST Cybersecurity Framework (2.0)

NIST SP 800-171 (Rev. 3)

NIST SP 800-53 (Rev. 5)

PCI DSS (4.0.1)

North & South America

Brazil Data Protection Law LGPD

California CCPA

Canada PIPEDA

New York DFS Cybersecurity Regulation

New York SHIELD Act

US FTC Safeguards Rule

US HIPAA

Global

ISO 27001:2022

NIST Cybersecurity Framework (2.0)

NIST SP 800-171 (Rev. 3)

NIST SP 800-53 (Rev. 5)

PCI DSS (4.0.1)

Middle East & Africa

Qatar Personal Data Privacy Protection Law

Saudi Arabia Personal Data Protection Law

Saudi Arabian Monetary Authority Cyber Security Framework (1.0)

South Africa Protection of Personal Information Act

UAE Information Assurance Regulation (1.1)

UAE Personal Data Protection Law

Global

ISO 27001:2022

NIST Cybersecurity Framework (2.0)

NIST SP 800-171 (Rev. 3)

NIST SP 800-53 (Rev. 5)

PCI DSS (4.0.1)

Asia Pacific

Australia Privacy Act

Hong Kong Personal Data Privacy Ordinance

India Digital Personal Data Protection Act

Japan Act on the Protection of Personal Information

Singapore Personal Data Protection Act

Global

ISO 27001:2022

NIST Cybersecurity Framework (2.0)

NIST SP 800-171 (Rev. 3)

NIST SP 800-53 (Rev. 5)

PCI DSS (4.0.1)

ImmuniWeb^® Neuron Deliverables

Premium Web Application Security Scanning

Web Security Scanning

Full Scan Customization
AI-Powered Vulnerability Detection
Authenticated Scans (SSO/MFA)
Patch Verification Scans
Web Security Scanning:
- AI-Based Fuzzing
- OWASP Top 10 Vulnerabilities
- OWASP Top 10 API Vulnerabilities
- Software Composition Analysis (SCA)
- Insecure HTTP Headers
- SSL/TLS Weaknesses
Known Web Vulnerabilities Scanning:
- WordPress & 400+ Other Popular CMSs
- 150,000+ CMS Plugins & Themes
- 12,000+ JavaScript Libraries
- 10,000+ Known CVE-IDs
Open Source Software Security Ratings
Detection of AI-Related Vulnerabilities
Detection of Vibe-Coding Flaws

Reporting

Zero False-Positives SLA Money back

Contractual money-back guarantee for one single false positive.
Risk-Based Prioritization of Findings
Simple Instructions to Reproduce Findings
Web, PDF, JSON, XML and CSV Reports
Friendly Remediation Guidelines
Screenshots and Raw HTTP Data
Consolidated View of All Scans
CVE and CWE Mapping
CVSSv4 Scoring

Remediation

24/7 Expert Assistance
Patch Verification Scan Mode
RBAC Scan Management Dashboard
Seamless DevSecOps Integration
Unlimited Dashboard Users
Turnkey CI/CD Automation
Simple Scan Scheduling
Recurrent Scans
Email Alerts

ImmuniWeb^® Neuron Pricing

Premium Web Application Security Scanning

	Annual Scan Subscription	Monthly Scan Subscription
Scans per Target	Unlimited during 1 year	Unlimited during 1 month
Price per Target (FQDN)	595 EUR	395 EUR
Discount for Penetration Testing Enjoy a discount for any ImmuniWeb penetration testing products (On-Demand and MobileSuite) during the entire duration of your subscription.	15%	5%
Dashboard Ready	Today	Today