High-Tech Bridge reinforces ImmuniWeb with IAST technology
Today at Infosecurity Europe 2017, High-Tech Bridge, a provider of web and mobile application security testing services and a Gartner Cool Vendor 2017, announced availability of its proprietary Interactive Application Security Testing (IAST) technology.
The IAST offering will reinforce its current Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST) available for web and mobile applications via the ImmuniWeb application security testing platform. All ImmuniWeb packages will continue to provide a zero false-positive contractual guarantee.
The new IAST technology provides customers with ImmuniWeb’s open-source server agent that will correlate a web server’s and other available system logs with dynamic application security testing in real-time. This original approach to IAST assures that blind and complex-to-detect injections (i.e. SQL injections, code injections and various RCEs) will be reliably detected without requiring a customer to disclose its source code.
High-Tech Bridge’s CEO and founder Ilia Kolochenko says: “Our machine learning and hybrid security testing technology provides the most comprehensive vulnerability coverage for a DAST offering currently available on the market. Our complementary SAST services provides a high-quality source code review for the most critical parts of applications. The new IAST technology brings additional reliability to the detection of the most complicated and difficult-to-exploit vulnerabilities. Moreover, we don’t require our customers to disclose their source code, unlike other IAST offerings that require source code disclosure.”
Additionally, the ImmuniWeb Platform now supports one-click vulnerability data export into HP ALM and Splunk. This integration facilitates application vulnerability correlation (AVC) for organizations that leverage the DevSecOps model in application development.
High-Tech Bridge will perform interactive demos of ImmuniWeb and the new IAST technology at Infosecurity Europe 2017, stand S-48.