What is our primary use case?
The product of ImmuniWeb that I have used the most, for me and for my clients, is On-Demand. The WAPT and MAPT On-Demand delivers in less time, with greater detail and multiple values added, a lot more versus locally-sourced first-level Ethical Hacking.
For my clients, Discovery is useful. This allows you to quickly and effectively inventory the whole external surface, with a score of risks and continuous monitoring. The Discovery Corporate Pro delivers what is known as brand monitoring, which is of great value for companies that usually need to mitigate data leaks, impersonation of domains and other techniques of attacks, and issues related to the reputation of the company.
How has it helped my organization?
I have managed to deliver to my clients the services of Ethical Hacking in less time, with better deliverables, and other key differentiators that make my company more competitive in the local market.
With regard to the surface of external attack, the Discovery of ImmuniWeb has enabled our clients to move from a state in which they did not know its surface, to having knowledge of inventory, risks, and new vulnerabilities to their external assets as these are emerging or changing in time.
What is most valuable?
The most valuable features are the SLA of Zero false-positives, less time of service development, validation of unlimited patched vulnerabilities, and several others.
Frictionless customer service is something I appreciate very much. The ability to deliver customer access to the dashboard of the service and make it an active part of the project is a great contribution. The customer is not limited to receive an initial report of service and another report at the end of the service, but a complete view of the evolution of the service. This gives them more peace of mind on the development of the project.
What needs improvement?
A great idea would be to support using Discovery on the internal network, allowing delivery of all the features of the current Discovery to internal network resources. That would be a great contribution to large companies that don´t have an inventoried and effective risk score of the assets internally. In the same way that it can deliver On-Demand WAPT or MAPT for internal network applications through a virtual machine provided by ImmuniWeb, this could be done for the Discovery of the internal network.
For how long have I used the solution?
I have used the products of ImmuniWeb for almost two years.
What do I think about the stability of the solution?
The stability is unbeatable.
What do I think about the scalability of the solution?
This solution has excellent scalability.
How are customer service and technical support?
The customer support is quite fast and effective.
Which solution did I use previously and why did I switch?
For WAPT and MAPT, we have used for years the consultancies of our Ethical Hackers, who clearly do not compete with ImmuniWeb with regard to times, validation of patching of vulnerabilities, or the Zero False-Positives SLA.
How was the initial setup?
The initial setup is very simple. The project is created and everything progresses from there.
What's my experience with pricing, setup cost, and licensing?
The values of ImmuniWeb are currently significantly below what is valued in the Chilean market for these services and solutions.
Which other solutions did I evaluate?
We evaluated Nessus, Acunetix, and Rational AppScan, but all of these are tests of web vulnerabilities. ImmuniWeb initially performed the analysis of vulnerabilities, followed by ethical hacking on the part of its human team, with evidence of business logic from the application and state of the art tests.