ImmuniWeb is a global application security company based in Geneva, Switzerland that develops Machine Learning and Artificial Intelligence technologies for Application Security Testing, Attack Surface Management and Dark Web Monitoring provided via ImmuniWeb AI Platform in over 100 countries. Some of the ImmuniWeb founders came from High-Tech Bridge, a leading European web security company company specialized in penetration testing and digital forensics. High-Tech Bridge was named an Industry Leader and Best Service Provider among ethical hacking and penetration testing companies by Frost & Sullivan's market research in 2012.
History
ImmuniWeb was founded by Ilia Kolochenko, Swiss application security expert, SC Media "Thought Leader", Forbes Technology Council member, contributing editor to SC Magazine UK, Dark Reading and IDG's CSO Online.
Security Research
Security Advisories
High-Tech Bridge Security Research Team has released over 500 security advisories affecting various software, with issues identified in products from many well-known vendors, such as Sony, McAfee Novell, in addition to many web vulnerabilities affecting popular open source and commercial web applications, such as osCommerce, Zen Cart, Microsoft SharePoint, SugarCRM and others. High-Tech Bridge's Security Research Lab was registered as CVE and CWE compatible by MITRE. High-Tech Bridge is one of only 24 organizations, globally, and the first in Switzerland, that have been able to achieve CWE certification. The company is listed among 81 organizations, as at August 2013, that include CVE identifiers in their security advisories.
Free Services and Related Research
High-Tech Bridge launched an SSL/TLS configuration testing tool in October 2015. The tool can validates email, web or any other TLS or SSL server configuration against NIST guidelines and checks PCI DSS compliance, it was cited in articles covering the TalkTalk data breach.
Web Vulnerability and Privacy Research
The discovery of vulnerabilities in Yahoo! sites by High-Tech Bridge was widely reported, leading to the t-shirt gate affair and changes in Yahoo's bug bounty program. High-Tech Bridge identified and reported four XSS vulnerabilities on Yahoo! domains, for which the company was awarded two gift vouchers to the value of $25. The sparse reward offered to security researchers for identifying vulnerabilities on Yahoo! was criticized, sparking what came to be called t-shirt-gate, a campaign against Yahoo! sending out T-shirts as thanks for discovering vulnerabilities. High-Tech Bridge's discovery of these vulnerabilities and the subsequent criticism of Yahoo!'s reward program led to Yahoo! rolling out a new vulnerability reporting policy which offers between $150 and $15,000 for reported issues, based on pre-established criteria. In December 2013, High-Tech Bridge research on privacy in popular social networks and email services was cited in a class action lawsuit for allegedly violating its members' privacy by scanning private messages sent on the social network. In October 2014 High-Tech Bridge discovered a Remote Code Execution vulnerabilities in PHP. In December 2014, High-Tech Bridge identified the RansomWeb attack, a development of Ransomware attacks, where hackers have started taking over webs servers, encrypting the data on them and demanding payment to unlock the files. In April 2014, the discovery of a sophisticated Drive-by download attacks, revealed how drive-by download attacks are used to target specific website visitors after their authentication on a compromised web resource. In December 2015, High-Tech Bridge tested the most popular free email service providers, for SSL/TLS email encryption. Hushmail, previously considered as one of the most secure email providers, received a failing "F" grade. Just after, the company updated its SSL configuration and received a score of "B+".
Awards and Recognition
In March 2015, ImmuniWeb was recognized in Frost & Sullivan's 2015 Market Insight as being 'the most complete hybrid offering available'. In April 2016, High-Tech Bridge was selected as a Red Herring Europe 2016 Winner. SC Media Reboot 2016 named ImmuniWeb an Industry Innovator in the Analysis and Testing category. In April 2017, Frost & Sullivan's research on machine learning in Application Security Testing recognized High-Tech Bridge as the most innovative player on AST marketplace, outperforming HPE and IBM Security. In May 2017, Gartner named High-Tech Bridge a Garter Cool Vendor in "Cool Vendors in Security for Midsize Enterprises, 2017" by Adam Hils. In June 2017, High-Tech Bridge was selected as the SC Awards Europe 2017 winner in "Best Emerging Technology" category. In June 2018, ImmuniWeb was named the Winner in “Best Usage of Machine Learning / AI” category at SC Awards Europe 2018 outperforming six other finalists including IBM Watson for cybersecurity. In December 2018, IDC included ImmuniWeb into "IDC Innovators: Mobile App Security Testing, 2018" for ImmuniWeb. In December 2019, SC Media included ImmuniWeb into the Elite “Hall of Fame” of SC Media’s Reboot 19 Innovator Award. The top-level recognition is awarded exclusively to cybersecurity vendors recognized as Industry Innovators for three consecutive years by SC Media Labs market research.
Organizational Memberships
ImmuniWeb is a member of a number of security-related organizations, including:
