It’s time that somebody democratized Application Security Testing! So, we thought “why not us?”
The Dream …
There are 600 million websites that need protection. Security testing tools are expensive and need trained man power to operate them. We probably do not have enough humans on earth to test all the 600 million online applications on a regular basis. Its time somebody did what Hotmail did to email or Skype did to VOIP. Its time that somebody democratized Website security Testing! It is a lofty dream and I am sure it is a challenging one too. At iViZ we have made this our dream!
We are going to launch a limited beta of the free website scanning service on July 25th in Las Vegas to coincide with the 2012 Black hat conference. The “limited beta” solution will be available by invitation or through early registration for the first 3 months for enterprises, media and security researchers. iViZ will then release the solution in a phased manner and gradually make it open to all. To prevent misuse of the service iViZ is going to provide the solution only to registered organizations. Security researchers and students can use the solution through a special approval process.
iViZ will continue to offer its paid “Premium Application Penetration Testing Service” which “Guarantees Zero False Positives” with “Manual Expert Validation” and “In-Depth Business Logic Testing”. However, the “purely automated security testing” will be available for free. iViZ is adopting the “Freemium” strategy similar to that of Gmail, Skype or LinkedIn where the revenue from the paid service will be used to fund the free service.
Our “Application Penetration Testing” Cloud platform has been used for several years for delivering the premium service to more than 300 global enterprises which include 2 of the top 3 telecommunications companies, 2 of the top 5 IT Service Providers, and 2 of the Top 10 banks etc. The solution has also won numerous national and international awards. We are utilizing the same platform for launching the Free Service.
What we are essentially doing is “pruning” down our existing full blown solution to offer pure automated scans as a free service. Nonetheless this would be a challenging exercise considering the financial and operational perspective. We would completely rely on “word of mouth” publicity to promote the free service since it is not economically viable to promote it using marketing dollars. We hope that our “Premium Service” revenue would help us to subsidize the cost of “Free Service“. This would definitely be an exciting journey and would love to seek the advice, help and support of the community to make our dream successful.
How to register?
PS: If you are a security researcher or in technology media and want know more about the free service OR provide us your valuable feedback, please feel free to write to me directly: bikash <at> “iViZ official website” . com
Also drop me a note if you are in Blackhat/Defcon. Would love to meet you and know your thoughts/feedback!