One year ago, the EU GDPR was officially enforced as a law and imposed a considerable set of data protection and privacy requirements on all organizations handling PII (personally identifiable information) of European residents.
So far, 144,376 complaints were filed for various violations of GDPR, while companies have reported 89,271 data breaches, which they’re obligated to report within 72 hours of discovery. A Brussels report finds that €56 million of fines have been handed out since GDPR was enacted.Swiss Internet-security company ImmuneWeb is a global provider of web, mobile and API security testing and risk ratings, added on its platform opportunity to check matching General regalement on data protection (GDPR) requirements.
“We can see laudable efforts aimed to improve web application security and adhere to GDPR requirements amid European companies. However, there is a long road before the majority of organizations start valuing actual security above paper-based compliance thereby providing users with the privacy and security they truly deserve. To help companies comply with the intricate requirements of GDPR, most of which are quite far from being crystal-clear today, we are happy to enhance our community offering with the new free test”, — said Ilia Kolochenko, CEO and Founder of ImmuniWeb.
With the help of a service organizations can quickly made hundreds of scans for ensuring security and matching their external web-applications to various norms and standards, in particular, to PCI DSS standard (points 6.2, 6.5 and 6.6), and also to GDPR requirements to web-sites and web-applications, noted in parts 5,6,7,25, 32 and 35.
- Checking more than 100 popular content management systems (CMS), web-frameworks and more than 167 thousands plugins;
- Performing non-invasive scanning on all possible vulnerabilities;
- Checking more than 20 HTTP headings, linked with security, encryption and confidentiality for configuration in accordance of best enterprises practices, including OWASP;
- Opportunity for assessment of content security protection for prevention of XSS- and CSRF-attacks, and also attacks with the use of ransom programs and programs for cryptocurrency mining;
Source: https://www.immuniweb.com/news
