ImmuniWeb vs SiteLock comparison

Cancel
You must select at least 2 products to compare!
ImmuniWeb Logo
1,272 views|571 comparisons
SiteLock Logo
59 views|47 comparisons
Comparison Buyer's Guide
Executive Summary

We performed a comparison between ImmuniWeb and SiteLock based on real PeerSpot user reviews.

Find out what your peers are saying about Sonar, Veracode, Checkmarx and others in Application Security Testing (AST).
To learn more, read our detailed Application Security Testing (AST) Report (Updated: March 2024).
765,234 professionals have used our research since 2012.
Q&A Highlights
Question: What do you recommend for a securing Web Application?
Answer: In addition to Sitelock and Immuniweb, another option to consider for a 24/7 automated vulnerability monitoring tool to protect web applications is Modshield SB Modshield SB is a web application firewall that provides protection against cyber threats, e.g SQL-. injection, cross-site scripting (XSS), and distributed denial-of-service (DDoS) attacks With advanced filtering and rule-based techniques, Modshield SB(https://www.modshieldsb.com/) helps detect and mitigate potential security risks, providing additional protection for your web applications Provides continuous monitoring and real-time protection, ensuring that your applications from incoming threats They are safe. When considering your options, consider availability, pricing, and customer reviews to choose the best tool for your specific security needs. Sitelock, Immuniweb, and Modshield SB are all worth considering for your 24/7 automated vulnerability monitoring needs.
Featured Review
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pricing and Cost Advice
  • "The values of ImmuniWeb are currently significantly below what is valued in the Chilean market for these services and solutions."
  • "ImmuniWeb is relatively cheap. It's a competitive price compared to other products in the marketplace. It's worth the money we are paying for it."
  • "It is pretty expensive."
  • "It is pretty expensive."
  • "The platform is expensive if a large development is involved. However, it is less expensive for scheduled-based testing, quarterly or in a year."
  • "There should be the flexibility to change or add pricing, especially for pay-per-use cases."
  • "I use the product's free version. The tool costs around 229 dollars."
  • More ImmuniWeb Pricing and Cost Advice →

  • "You can't just stop auto-renew from your billing panel, the way you can with reputable businesses."
  • More SiteLock Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which Application Security Testing (AST) solutions are best for your needs.
    765,234 professionals have used our research since 2012.
    Answers from the Community
    Sujit Sharma
    it_user550380 - PeerSpot reviewerit_user550380 (Chief Security Architect at a comms service provider with 501-1,000 employees)
    MSP

    In my experience the best option is to make dast and sast before each change of web app, also you can access to this type of service with HP Fortify On Demand. By the way if you want to have a very good balance with protection and a good VA service you can use the F5 Silverline WAF Managed they have their own SOC to deliver VA and they adjust the WAF policies for you and deliver a report for any change and they have dashboards to verify Any security or performance concern.

    it_user648771 - PeerSpot reviewerit_user648771 (Works at a tech company with 5,001-10,000 employees)
    Real User

    While Cloudflare and AWS offer similar solutions, they do not have the scale, or customizable rule sets necessary for a large enterprise. The pricing is misleading, as it's cheap for the basics, but for a large enterprise's needs, the pricing at Akamai is extremely competitive and the value is unmatched.

    Akamai Security Services-Gartner Magic Quadrant for Web Application Firewalls 2017 -- Akamai is now a LEADER

    Please click on this link to learn more : http://pd.lnkd.in/uwo9sv3

    Akamai has a comprehensive security portfolio, serving the largest global enterprises, and government agencies. Lastly, Akamai's Bot Manager with credential abuse mitigation is a leader in identifying and mitigating these types of malicious attacks better than anyone in the market!

    it_user218361 - PeerSpot reviewerit_user218361 (IT Risk and Security Analyst at a university with 1,001-5,000 employees)
    Vendor

    I haven't heard about SiteLock or Immuniweb, but I have used Qualys Web Application Scanning (WAS) and IBM SiteProtector. They are great vulnerability tools. I just want to add to what Omar said, having IDS/IPS tools like FireEye or QRadar is also benefits to protect assets. Let us know what your decision is.

    Vaisakh Tr - PeerSpot reviewerVaisakh Tr (Prophaze)
    Consultant

    There are many products out there that work as a WAF. WAF is not really aware of the application it is securing. There are solutions that block DDoS attacks (it needs a bit of muscle power as well). The other issue is the attack of automated bots in the system. AS of now none of the security vendors gives a full stack of protection against these attacks 

    http://prophaze.com/ is the only solution that is more of a WAF + RASP + BOT + DDOS solution which is built on Kubernetes architecture. It is the first distributed cloud security solution on microservices that can secure your APIs, Web Apps from highly sophisticated attacks. 

    Its behavioral learning algorithm understands the HTTP flow of the API or web application it is securing and will create a score based on the various accepted behavior in the application. Prophaze during its initial 14 days of the trial will automatically profile the applications using its ML-based algorithms 


    Important Features


     Virtual Patching


     Bot Mitigation



    it_user635388 - PeerSpot reviewerit_user635388 (Manager)
    Real User

    Hi, to secure completely your web application you need to:
    1) Use tools that check against vulnerabilities at run time
    2) Use code review tools, that looks for common vulnerabilities documented by OWASP and CWE.

    Options 1 and 2 are mandatory and complementary at the same time.
    Option 2 is interesting because it will give you an exhaustive report of vulnerabilities location.
    Option 1 is interesting because it allows you to check if there is any vulnerabilities left at run time.

    For option 2 you can look for Kiuwan (www.kiuwan.com). I'm using it for auditing security issues in web applications, and it has great vulnerabilities coverage.

    it_user498738 - PeerSpot reviewerit_user498738 (Sedurity Architect at a tech company with 51-200 employees)
    Vendor

    A WAF can be an excellent solution, most of them are design to absorb large attacks such as DDOS attacks and also protects against common application attacks (SQLi, XSS, etc). Akamai is a good example of a CDN which includes WAF a cheaper option can be Cloudfare or AWS .

    Based on my experience I know Akamai WAF can generate a detail report with the type of attacks that is trying to be exploited as well bot information and GEO Tags.

    it_user743652 - PeerSpot reviewerit_user743652 (Security Research Engineer at a tech vendor with 201-500 employees)
    Vendor

    There are various tools out there in the market such as web application firewalls (WAFs), DDoS prevention, and vulnerability scanning tools at various levels (host vs. web). You need to select a combination of the right toolset to do the job. However, web security is not just about the tools, you need to conduct proper assessment of your environment through penetration testing, code review, architecture review and so forth.

    Victoria Mostova - PeerSpot reviewerVictoria Mostova
    Real User

    Securing web applications is crucial, and having a 24/7 automated vulnerability monitoring tool is a great step towards enhanced security. Both Sitelock and Immuniweb are reputable options, but I would also suggest considering OWASP ZAP (Zed Attack Proxy) as another powerful open-source option for web application security testing. You can learn more about web application security and best practices in this comprehensive article from Cleveroad (https://www.cleveroad.com/blog/web-application-architecture/). It covers the importance of security in web application architecture and provides insights on how to build robust and secure web applications, making it a valuable resource to further enhance your application's security measures.

    Questions from the Community
    Top Answer:In addition to Sitelock and Immuniweb, another option to consider for a 24/7 automated vulnerability monitoring tool to protect web applications is Modshield SB Modshield SB is a web application… more »
    Top Answer:I use the product's free version. The tool costs around 229 dollars.
    Ask a question

    Earn 20 points

    Ranking
    Views
    1,272
    Comparisons
    571
    Reviews
    5
    Average Words per Review
    412
    Rating
    7.8
    Views
    59
    Comparisons
    47
    Reviews
    0
    Average Words per Review
    0
    Rating
    N/A
    Comparisons
    Sucuri logo
    Compared 41% of the time.
    Cloudflare logo
    Compared 29% of the time.
    Imperva DDoS logo
    Compared 15% of the time.
    AWS WAF logo
    Compared 15% of the time.
    Learn More
    Overview

    ImmuniWeb is a global application security company operating in over 50 countries, headquartered in Geneva, Switzerland. Most of ImmuniWeb's customers come from regulated industries, such as banking, healthcare, and e-commerce.

    ImmuniWeb® AI Platform leverages award-winning AI and Machine Learning technology for acceleration and intelligent automation of Attack Surface Management and Dark Web Monitoring. The data is later leveraged for threat-aware and risk-based Application Penetration Testing for web, mobile, and API security testing. ImmuniWeb is the only company that offers a contractual zero false-positives SLA with a money-back guarantee. ImmuniWeb’s AI technology is a recipient of numerous awards and recognitions, including Gartner Cool Vendor, IDC Innovator, and the winner of “SC Award Europe” in the “Best Usage of Machine Learning and AI” category.

    ImmuniWeb® Community Edition runs over 100,000 daily tests, being one of the largest application security communities. ImmuniWeb SA is an ISO 27001 certified and CREST-accredited company.

    https://www.immuniweb.com.

    Real website security means protection from the inside out as well as the outside in. SiteLock does it all -- daily scanning, automatic malware removal, web app firewall, a global CDN for a blazingly fast website and our support team is here for you 24/7. Our dynamic Trust Seal shows visitors your website is safe, increasing conversions and ROI.

    Sample Customers
    Ebay, United Nations, Next Bank Credit Agricole, Geneva Swiss Bank, Banca Stato, Celgene, SIM University, Heymarket, Swissquote, more...
    galaxyguitar.com, robertasinc.com, indiarunning.com, comprarenpr.com, idbasolutions.com, newgrip.com
    Top Industries
    VISITORS READING REVIEWS
    Computer Software Company16%
    Financial Services Firm15%
    Comms Service Provider10%
    University7%
    VISITORS READING REVIEWS
    Computer Software Company15%
    Comms Service Provider11%
    Government7%
    Educational Organization6%
    Company Size
    REVIEWERS
    Small Business71%
    Midsize Enterprise14%
    Large Enterprise14%
    VISITORS READING REVIEWS
    Small Business27%
    Midsize Enterprise15%
    Large Enterprise59%
    VISITORS READING REVIEWS
    Small Business32%
    Midsize Enterprise13%
    Large Enterprise55%
    Buyer's Guide
    Application Security Testing (AST)
    March 2024
    Find out what your peers are saying about Sonar, Veracode, Checkmarx and others in Application Security Testing (AST). Updated: March 2024.
    765,234 professionals have used our research since 2012.

    ImmuniWeb is ranked 17th in Application Security Testing (AST) with 7 reviews while SiteLock is ranked 44th in Application Security Testing (AST). ImmuniWeb is rated 8.2, while SiteLock is rated 6.6. The top reviewer of ImmuniWeb writes "Easy initial setup process, but reporting feature for web scanning tools need improvement". On the other hand, the top reviewer of SiteLock writes "Not only did its website scanner find my website's security issues, but I was also able to implement a security system to prevent future breaches. ". ImmuniWeb is most compared with Qualys Web Application Scanning, Acunetix, Tenable.io Web Application Scanning, OWASP Zap and Veracode, whereas SiteLock is most compared with Sucuri, Cloudflare, Imperva DDoS and AWS WAF.

    See our list of best Application Security Testing (AST) vendors.

    We monitor all Application Security Testing (AST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.