The free service is a part of the ImmuniWeb® Application Security Testing (AST) Platform, designed to reduce AST costs, minimize external attack surface and help achieve compliance and regulatory requirements. ImmuniWeb Discovery enables companies and organizations to maintain a comprehensive inventory and classification of their external web and mobile applications, as well as their APIs. The free service provides continuous and non-intrusive application discovery, leveraging a wide spectrum of reconnaissance and OSINT information gathering techniques. ImmuniWeb Discovery has a user-friendly web interface to monitor, map and label application risks, compliance and personal data storage across corporate web and mobile applications.
High-Tech Bridge also unveils its vendor-neutral Application Security Testing Lifecycle that guides companies through the application security testing jungle in a simple and common-sense way. The lifecycle starts with application discovery and inventory – a crucial step that many companies do not properly implement, regardless which application security testing solution they use.
Ilia Kolochenko, CEO and Founder at High-Tech Bridge, says: “Today, many companies are frustrated and disoriented with their application security strategy, lost in the DevSecOps hype. Most of the application security incidents and data breaches involve abandoned and vulnerable applications that companies simply forget in the course of business development.
“The GDPR imposes severe sanctions for loss of personal data that is unavoidable without holistic inventory and classification of corporate applications. At High-Tech Bridge, we designed this vendor-independent service to enable companies to take back control of their applications.”
Jeff Wilbur, Director, Online Trust Alliance Initiative, Internet Society says: “We have conducted an Online Trust Audit for nearly 10 years, assessing the consumer protection, site security and privacy practices of 1,000 sites. A key conclusion year after year is that organizations need to continually monitor the status of their site and application security to keep pace with the latest vulnerabilities and attack vectors, yet most don’t have a consistent way to monitor changes in all those elements. Free tools such as High-Tech Bridge’s SSL/TLS Server Test, which we have utilized as part of our Audit for years, and their new ImmuniWeb Application Discovery, are invaluable for organizations of all sizes since they give a comprehensive summary against the latest threat and regulatory landscape and point to corrective action that needs to be taken.”
Andy Bates, Executive Director, United Kingdom, Europe, Middle East & Africa, Global Cyber Alliance, comments: “At the Global Cyber Alliance we truly believe that it’s time to clean the internet and remove the systemic causes of cybercrime. There are many excellent free to use security tools and platforms which enable businesses who ordinarily cannot afford commercial cyber defense to receive the protection they deserve. High-Tech Bridge has been one of our most proactive partners and shares our goal to make the internet a safer place, we see its free to use products as complimentary to ours and provide businesses with a holistic protection solution”.
To try ImmuniWeb Discovery simply sign up on ImmuniWeb® Customer Portal using your business email: https://portal.htbridge.com/client/register/?discovery=1
Email fraud is nothing new, but online criminals have become ever more-effective at spoofing their identities to trick employees into sending them money. The Australian Centre for Cyber Security (ACSC) recorded losses of over $20M to business email compromise (BEC) attacks last year alone, up 230 percent over the previous year – and the full amount is certain to be much larger.
Cybersecurity Insights - Attack
No matter how robust your security, or how diligent your employees, network credentials are a free pass for cybercriminals. This is mostly because employees are relied upon for their own password management. And with more than 4.8 billion sets of stolen credentials said to be available online, odds are that at least a few of your employees’ user IDs and passwords are just waiting to be used by unscrupulous outsiders. Are you ready to stop them?
Cybersecurity Insights - People
Cyber resilience will be particularly important as Australian organisations face increased pressure to quickly detect, respond to, and manage the repercussions of breaches in the wake of 2018’s Notifiable Data Breaches (NDB) scheme.