ImmuniWeb Continuous

Penetration testing targets are web applications or APIs that are continually tested by human experts in addition to 24/7 automated security testing. Human expertise allows detection of sophisticated vulnerabilities and covers all applicable OWASP ASVS Level 3 checks. Automated scanning targets are tested by our award-winning AI engine to detect common vulnerabilities and weaknesses.

Once you access your ImmuniWeb Continuous dashboard, you can fully customize your testing: enable authenticated scans, exclude attack types, limit scanning speed, or define traffic volume. Penetration testing targets allow advanced customization including threat simulation via CBAS.

There is no limit on penetration or automated scanning targets. We recommend classifying business-critical assets as penetration testing targets and the rest as automated scanning targets. Contact us for a tailored quote.

Yes, we can test applications, APIs, and microservices hosted in AWS, Azure, GCP, and other clouds. In addition to OWASP and SANS vulnerabilities, we detect cloud-specific misconfigurations and test for privilege escalation, pivoting, and IAM exploitation.

ImmuniWeb partners with external law firms to issue signed letters of compliance after completing penetration tests. Contact us to learn more.

By default, your data resides on ImmuniWeb’s servers in Switzerland and Canada (GDPR-compliant). Other jurisdictions are available on request. No public cloud is used. You may request secure data deletion at any time.

Yes, we do offer advantageous pricing for government, academia and non-profit organizations. Please reach out to our sales team to see whether your organization qualifies.