We performed a comparison between ImmuniWeb and SiteLock based on real PeerSpot user reviews.
Find out what your peers are saying about Sonar, Veracode, GitLab and others in Application Security Testing (AST).Earn 20 points
ImmuniWeb is ranked 21st in Application Security Testing (AST) with 3 reviews while SiteLock is ranked 29th in Application Security Testing (AST). ImmuniWeb is rated 7.4, while SiteLock is rated 0.0. The top reviewer of ImmuniWeb writes " An OSINT and AI-powered security tool with a useful automated discovery feature". On the other hand, ImmuniWeb is most compared with Qualys Web Application Scanning, Acunetix, Tenable.io Web Application Scanning, NowSecure and OWASP Zap, whereas SiteLock is most compared with Sucuri, Cloudflare, Imperva DDoS, AWS WAF and Comodo cWatch.
See our list of best Application Security Testing (AST) vendors.
We monitor all Application Security Testing (AST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
While Cloudflare and AWS offer similar solutions, they do not have the scale, or customizable rule sets necessary for a large enterprise. The pricing is misleading, as it's cheap for the basics, but for a large enterprise's needs, the pricing at Akamai is extremely competitive and the value is unmatched.
Akamai Security Services-Gartner Magic Quadrant for Web Application Firewalls 2017 -- Akamai is now a LEADER
Please click on this link to learn more : http://pd.lnkd.in/uwo9sv3
Akamai has a comprehensive security portfolio, serving the largest global enterprises, and government agencies. Lastly, Akamai's Bot Manager with credential abuse mitigation is a leader in identifying and mitigating these types of malicious attacks better than anyone in the market!
I haven't heard about SiteLock or Immuniweb, but I have used Qualys Web Application Scanning (WAS) and IBM SiteProtector. They are great vulnerability tools. I just want to add to what Omar said, having IDS/IPS tools like FireEye or QRadar is also benefits to protect assets. Let us know what your decision is.
There are many products out there that work as a WAF. WAF is not really aware of the application it is securing. There are solutions that block DDoS attacks (it needs a bit of muscle power as well). The other issue is the attack of automated bots in the system. AS of now none of the security vendors gives a full stack of protection against these attacks
http://prophaze.com/ is the only solution that is more of a WAF + RASP + BOT + DDOS solution which is built on Kubernetes architecture. It is the first distributed cloud security solution on microservices that can secure your APIs, Web Apps from highly sophisticated attacks.
Its behavioral learning algorithm understands the HTTP flow of the API or web application it is securing and will create a score based on the various accepted behavior in the application. Prophaze during its initial 14 days of the trial will automatically profile the applications using its ML-based algorithms
Important Features
Virtual Patching
Bot Mitigation
Hi, to secure completely your web application you need to:
1) Use tools that check against vulnerabilities at run time
2) Use code review tools, that looks for common vulnerabilities documented by OWASP and CWE.
Options 1 and 2 are mandatory and complementary at the same time.
Option 2 is interesting because it will give you an exhaustive report of vulnerabilities location.
Option 1 is interesting because it allows you to check if there is any vulnerabilities left at run time.
For option 2 you can look for Kiuwan (www.kiuwan.com). I'm using it for auditing security issues in web applications, and it has great vulnerabilities coverage.
A WAF can be an excellent solution, most of them are design to absorb large attacks such as DDOS attacks and also protects against common application attacks (SQLi, XSS, etc). Akamai is a good example of a CDN which includes WAF a cheaper option can be Cloudfare or AWS .
Based on my experience I know Akamai WAF can generate a detail report with the type of attacks that is trying to be exploited as well bot information and GEO Tags.
There are various tools out there in the market such as web application firewalls (WAFs), DDoS prevention, and vulnerability scanning tools at various levels (host vs. web). You need to select a combination of the right toolset to do the job. However, web security is not just about the tools, you need to conduct proper assessment of your environment through penetration testing, code review, architecture review and so forth.
Hi, there are various stages in protecting from web vulnerabilities.
Start using tools like Web application scanner (like Netsparker) to eliminate false positives.
Hardened your web applications.
Deployed an on-prem WAF (with scrubbing) together with cloud WAF (big leaders like Akamai, Cloudflare or Incapsula can mitigate DDoS).
Total protection comes with on-going monitoring depending on your policies.
Consider Netscaler application firewall and mas.