The new technical features are immediately available to newly created projects and shall become fully accessible in all already existing projects by July 30 after synchronization:
- New core engine leverages new Machine Learning models to minimize the number of false positives, while discovering on average 30% more IT assets both on premises and in a cloud. The ML models were trained and are continuously improved on public and private data sets.
- Enhanced cloud discovery performs supplementary testing for known misconfigurations of public cloud storage, it now also detects over 100 cloud-based services including various SaaS and PaaS offerings from public cloud providers that store or process customer's data.
- Containers and CI/CD pipelines discovery provides a comprehensive outlook of unprotected Docker and Kubernetes installations, detects accidentally exposed secrets in publicly available container images and system snapshots, and spots malicious code in software package repositories.
- Increased IoC (Indicator of Compromise) detection for cloud instances and on-premises IT assets brings almost 40% more of verified alerts about security incidents, such as compromise of a web or email server, web application, CDN or cloud VM.
- Improved domain squatting detection leverages Big Data collected in real time about newly created domains in all TLDs to detect on average 35% more typo- or cyber-squatted domains, while reducing the noise (e.g. lawful domain registration by third parties).
- Better email notifications enable corporate users to configure more flexible and gradual email notifications combined with groups and labels to ensure that relevant people in the team or authorized third parties get instant alerts about the detected flaws.
- WAF fingerprinting performs a swift inventory of numerous on-premises and cloud Web Application Firewalls, Load Balancers, anti-DDoS and anti-bot solutions to identify unprotected or forgotten web assets.
Furthermore, we significantly simplified packages and pricing
for ImmuniWeb Discovery. The one-time offering, tailored for Third-Party Risk Management and Supply Chain attacks prevention, is now available as an unrestricted monthly subscription with full features of annual subscription. The latter now has a more gradual packaging structure that fits all industries and takes into consideration diversified needs of our technology and MSSP partners.
Ilia Kolochenko, Chief Architect & CEO at ImmuniWeb, says: "At ImmuniWeb, we are working hard to continually improve our award-winning Platform and stay ahead of the emerging cybersecurity risks and threats.
Fostered by the pandemic, many companies around the globe moved their IT infrastructure into a public cloud, facing previously unknown threats and unforeseen pitfalls. Our newly enhanced capacities to rapidly detect cloud and CI/CD pipelines misconfigurations address the gap and enable enterprises to prevent data breaches rather than respond to them.
In parallel, the enhanced threat intelligence and IoC detection features illuminate what the bad guys are doing in order to react in a timely and adequate manner to security incidents. We are grateful to all our customers and partners who share their ideas and suggestions how to make ImmuniWeb® AI Platform even better. More exciting features are coming soon, please stay tuned."