ImmuniWeb Reviews

We use the solution when we face challenges and urgent attention is needed for complex cases from our clients. To address this, we collaborate with the middleware, internal, and client teams to analyze and sort through intricate logs concerning our business cybersecurity program.

The solution helped us with one of our clients in the New York area contacted us about a data breach. In response, we swiftly organized a case meeting involving our client, internal, and email customer support teams. Together, we conducted an incident response, facilitating offline assistance for proper planning and risk management processes. We delved into the details of the data breach, identified how it occurred, and collaborated to rectify the issue. The client expressed satisfaction with the resolution process.

ImmuniWeb boasts a robust vulnerability detection mechanism, formidable threat mitigation, and an efficient remediation process, incorporating automation techniques and ALM strategies. It also focuses on consumer satisfaction and operates in English-speaking markets, primarily required by the UAE, the United States, Canada, and Australia, among other developed countries.

We have been using this product for the past one and half years.

The solution is highly stable. I rate it a perfect ten.

The solution is scalable. I rate it a nine out of ten.

Support is generally excellent, although there can be delays in ticket resolution sometimes. Dealing with problems, especially considering customers are in different time zones and countries, sometimes leads to time conflicts. Despite this, the support quality is commendable.

Positive

We have used Nessus Tenable. We switched to ImmuniWeb because it is competitively a top-selling product, and our clients quickly recognize its value. Interestingly, some clients are willing to pay more for specific, complex issues, showing their commitment to solving intricate business challenges. In a specific instance, Tenable fell short in addressing a problem promptly, whereas ImmuniWeb efficiently assisted us in resolving the issue. 

The deployment process on the cloud is straightforward, while on-premise can be complex. However, we predominantly use the cloud model for deployment. Our technical team has been exceptional in guiding us in using the product for the cloud model.

There has been good return on investment.

The pricing model should offer flexibility by providing immediate options instead of fixed pricing. There should be the flexibility to change or add pricing, especially for pay-per-use cases.

We have worked with Rapid7. Deploying it presented challenges for customers, with issues arising during installation and usage due to their more complicated deployment process. These platforms demand powerful hardware, making on-premise usage costly.

Our customers use the solution for web scanning, application testing, and attack surface management.

The solution's most valuable feature is reporting.

They should improve the solution's reporting for web scanning tools. Presently, there are many restrictions to accessing the reports. I have to pass some security tests. Despite this, sometimes I couldn't see any information.

They should add more automated tools to demonstrate the possibility of hacks. Also, the tools should help us check the possibility of deploying the databases found before. Along with this, they should add more CRM-related features for better administration. In addition, there needs to be a tool for firewalls and vulnerability management. They should provide security assessments for applications and systems like firewalls, IPS, and web gateway.

The solution's technical support team must provide customers with a clear, easy-to-understand product description.

The solution's initial setup is straightforward. The customers have to log in, enter their company's domain and proceed to scan.

The solution is quite expensive. The license costs around $10,000 per test. Also, the customers have to pay extra for every update.

I advise others to thoroughly understand the technical requirements of their business when it comes to security testing. They should evaluate other solutions, such as Tenable and Qualys. Further, they should make a buying decision after an in-depth analysis using different tools.

I rate the solution as a five.

ImmuniWeb sometimes shows previous scans instead of running tests. 

I have been working with the product for a year. 

ImmuniWeb is stable. 

The product is scalable. My company has three users. 

The tool's deployment was easy. 

I use the product's free version. The tool costs around 229 dollars. 

ImmuniWeb is a straightforward product. I rate it an eight out of ten. 

It is a patch verification platform for web applications, Android, and iOS. It provides reports to the internal development team to schedule patching.

The product assists us in finding some information.

The product’s interface for the web applications could be similar to Android and iOS versions. It is complicated for a new user to understand patch verification on the platform.

We have been using ImmuniWeb for three years and a few months.

I rate the product’s stability a ten out of ten. We never encountered any situation where it was not stable.

We have three ImmuniWeb users, including two security engineers and one manager. I rate the product’s scalability a nine out of ten. It provides detailed results.

The initial setup process is user-friendly. The implementation involves getting quotations on the number of penetration tests from the vendor. Once everything is done, they send us a link, register, and use the platform. For upgrading, they send us a discount code we can apply to make the payment.

The platform is expensive if a large development is involved. However, it is less expensive for scheduled-based testing, quarterly or in a year. We can also negotiate the pricing.

We used some web analytics tools before. However, there needed to be more skill in terms of resources. There were many tasks, and we only had a few teams. Thus, we needed an automated solution. It made us choose ImmuniWeb.

I rate ImmuniWeb a nine out of ten. We had to log the support ticket to receive the patch verification reports.

We use ImmuniWeb as an instrument to discover our externally visible perimeter. This includes the web services accessible from the internet domain names or IP address ranges, everything we register, and maybe some surprising services that are silently running out of our site. 

We also leverage the functionality to search through the public repositories or dark web and look for any entries related to our business or business name. Some may be stolen accounts, source codes, or similar items, but not many vendors around the world offer such a service within one single subscription, which is also important. We try to use every single feature that ImmuniWeb Discovery provides us.

I like the fully automated continuous discovery run by ImmuniWeb in the background. We do not need to rerun the same tests or the same scanning against our resources. We need to supply our IP addresses, domain names, and significant resources with special domain names and URLs, and we need to do it only once. Then we always have an up-to-date picture. 

I also like the integration with our single sign-on system. We do not need to maintain a separate set of usernames or user accounts. We can plug this ImmuniWeb service into our authentication technology, enabling two-factor authentication. We have secure authentication right out of the box. 

The other important feature I like is the executive view. You can easily switch from a technical view to an executive view and have a helicopter view of the compliance status. We can see how much effort is required and our current status.

It would be better if they had an automated tagging feature. The tagging functionality currently requires manual tagging, and that's probably the most needed feature from my standpoint.

We also do not have enough tools, enough features, or options to display different resources in the way we need. There are basic grouping and some filtering features, but we still cannot fully separate some flavors of our resources. However, we may not be aware of the latest features.

I have been using ImmuniWeb since September 2021, about a year and a half.

ImmuniWeb is a cloud-based stable solution.

ImmuniWeb is cloud-based, so it's easily scalable. It can be scaled up at the vendor's discretion. We need to throttle some of the scan intensity for some resources, but it's only on our side, and we can control that. We do not care about the scalability on the vendor side in terms of the product's speed and performance. It's not our issue, and we do not notice any problems.

Technical support is nicely designed and embedded right into the product or into the web portal. Often when you have Discovery and from different situations when you probably need to ask for support, you are just a couple of clicks away from creating the ticket and asking the support, and they are very responsive.

Positive

The initial setup is straightforward. Even if we had a hundred or thousand more resources, they could all be imported quite easily. It also seamlessly connects to our Azure Active Directory. All imported resources can be tagged in advance, grouped, and sorted in whichever way is feasible for the users. It's straightforward to get into and start getting that value right away.

ImmuniWeb is relatively cheap. It's a competitive price compared to other products in the marketplace. It's worth the money we are paying for it.

I would tell potential users that they should use it. However, they should probably start using the pre-community tools to ensure it's mature enough to provide useful functionality, even for free. 

It will be worth the money if you pay for more advanced functionality. I have been using ImmuniWeb's free edition since it was known by a different name, HT Bridge.

On a scale from one to ten, I would give Immuniweb an eight.

I should say that we've already used ImminiWeb services before. But it was a traditional penetration test of a website. We were absolutely satisfied with their work and selected ImmuniWeb to test our new project for bugs and vulnerabilities.

ImmuniWeb has grown dramatically in these last 4 years. Now, it's a large platform that handles the discovery of your IT assets and launches an AI automated penetration test to fix bugs found.

The first discovery revealed some critical bugs in our assets. ImmuniWeb's team responded very quickly and soon provided a detailed report and guidelines for remediation.

The ImmuniWeb Platform is the best and easiest way to secure a business online. It's a really great experience. We got reports with zero false-positives and detailed instructions regarding how to solve problems and remove any vulnerabilities found with ImmuniWeb Discovery. We didn't have to purchase any complicated software. Everything is online in the cloud.

We are sure that ImmuniWeb is definitely the best alternative to traditional penetration testing. They really reduced our security costs and made our business compliant with GDPR and other European and international laws and regulations.

I like that ImmuniWeb finds all your assets literally anywhere, including on your website, clouds, repositories, network infrastructure, et cetera. Moreover, it scans the Dark Web for assets. Dark Web Monitoring is the most valuable tool. It quickly scans the dark web and you see it all in the dashboard. In our case, we found a password leak.

After the assessment, you clearly know which assets require penetration testing.

The penetration test itself is AI-driven, easily customizable, and provided with a zero false-positive SLA.

You may find the dashboard a bit complicated. That's because of a large number of features. If ImmuniWeb will make a kind of presentation on how to work with a platform when you log in for the first time, that would be ideal.

On the other hand, ImmuniWeb holds monthly webinars where they explain how to use the platform. I took part in one of them and found out a lot of new options I didn't know about before.

A great idea would be to make a mobile application for the ImmuniWeb portal so that all information would be available on the go and from a mobile phone as well. It would be much more convenient.

We have been using ImmuniWeb for 6 months already.

The product offers fast 24/7 support. 

I used the vulnerability scanner from Acunetix and some Qualys products. The scanner is nice but very expensive. It also didn't give the full view of the problems within the website.

I would advise users to start with a small package. Other packages may look costly for an SMB. That said, the price/value ratio is perfect.

We did look at Qualys.

The product of ImmuniWeb that I have used the most, for me and for my clients, is On-Demand. The WAPT and MAPT On-Demand delivers in less time, with greater detail and multiple values added, a lot more versus locally-sourced first-level Ethical Hacking.

For my clients, Discovery is useful. This allows you to quickly and effectively inventory the whole external surface, with a score of risks and continuous monitoring. The Discovery Corporate Pro delivers what is known as brand monitoring, which is of great value for companies that usually need to mitigate data leaks, impersonation of domains and other techniques of attacks, and issues related to the reputation of the company.

I have managed to deliver to my clients the services of Ethical Hacking in less time, with better deliverables, and other key differentiators that make my company more competitive in the local market.

With regard to the surface of external attack, the Discovery of ImmuniWeb has enabled our clients to move from a state in which they did not know its surface, to having knowledge of inventory, risks, and new vulnerabilities to their external assets as these are emerging or changing in time.

The most valuable features are the SLA of Zero false-positives, less time of service development, validation of unlimited patched vulnerabilities, and several others.

Frictionless customer service is something I appreciate very much. The ability to deliver customer access to the dashboard of the service and make it an active part of the project is a great contribution. The customer is not limited to receive an initial report of service and another report at the end of the service, but a complete view of the evolution of the service. This gives them more peace of mind on the development of the project.

A great idea would be to support using Discovery on the internal network, allowing delivery of all the features of the current Discovery to internal network resources. That would be a great contribution to large companies that don´t have an inventoried and effective risk score of the assets internally. In the same way that it can deliver On-Demand WAPT or MAPT for internal network applications through a virtual machine provided by ImmuniWeb, this could be done for the Discovery of the internal network.

I have used the products of ImmuniWeb for almost two years.

The stability is unbeatable.

This solution has excellent scalability.

The customer support is quite fast and effective.

For WAPT and MAPT, we have used for years the consultancies of our Ethical Hackers, who clearly do not compete with ImmuniWeb with regard to times, validation of patching of vulnerabilities, or the Zero False-Positives SLA.

The initial setup is very simple. The project is created and everything progresses from there.

The values of ImmuniWeb are currently significantly below what is valued in the Chilean market for these services and solutions.

We evaluated Nessus, Acunetix, and Rational AppScan, but all of these are tests of web vulnerabilities. ImmuniWeb initially performed the analysis of vulnerabilities, followed by ethical hacking on the part of its human team, with evidence of business logic from the application and state of the art tests.