Security News > 2022 > July > The End of False Positives for Web and API Security Scanning?

July may positively disrupt and adrenalize the old-fashioned Dynamic Application Security Scanning market, despite the coming holiday season.

The pathbreaking innovation comes from ImmuniWeb, a global application security company, well known for, among other things, its free Community Edition that processes over 100,000 daily security scans of web and mobile apps.

The DAST scanning service is flexibly available as a SaaS, and unsurprisingly contains all fashionable features commonly advertised by competitors on the rapidly growing global market, spanning from native CI/CD integrations to advanced configuration of security scanning, pre-programmed or authenticated testing.

Of note, Neuron's integration with ImmuniWeb's Attack Surface Management offering makes quite a lot of sense both for DevOps and compliance teams: you can first illuminate your shadow IT and forgotten web assets, and then enhance your web application security testing program with a holistic and risk-based testing schedule.

The Swiss-headquartered vendor has an ambitious roadmap to add even more products to its portfolio, which already covers over 20 uses cases spanning from cloud and mobile security testing to Dark Web Monitoring.

Consolidating threat intelligence and Dark Web data with your application security testing - appears to be another smart idea by ImmuniWeb: it isn't worth to scan your website for XSS if you have hundreds of stolen credentials exposed on the Dark Web, allowing bad guys to login.

News URL

https://thehackernews.com/2022/07/the-end-of-false-positives-for-web-and.html