ImmuniWeb On-Demand
Penetration testing tools
DevSecOps software
- Features
- Ease of use
- Ease of management
- Quality of support
- Affordability
- Market presence
Take the quiz to check if ImmuniWeb On-Demand and its alternatives fit your requirements.
995 EUR per penetration test
Free Trial
Free version unavailable
Small
Medium
Large
- Professional services (engineering, legal, consulting, etc.)
- Real estate and property management
- Healthcare and life sciences
What is ImmuniWeb On-Demand
ImmuniWeb On-Demand is a security testing service that provides on-demand penetration testing and application security assessments for web, mobile, and API-facing systems. It targets security teams and engineering organizations that need third-party testing for compliance, release readiness, or incident-driven validation. The offering combines platform-based scoping and reporting with access to human testers and standardized deliverables, positioning it between fully manual consulting engagements and fully automated scanners.
On-demand third-party testing
The service supports requesting penetration tests without running a full procurement cycle for each engagement. It is suited to periodic validation (e.g., pre-release, post-change, or compliance-driven testing) where an independent assessment is required. Deliverables typically include a structured report and remediation guidance that can be shared with auditors and stakeholders.
Broad application attack surface
ImmuniWeb On-Demand is used for testing common modern targets such as web applications, mobile applications, and APIs. This helps teams cover multiple entry points that often span different technology stacks and ownership boundaries. It can reduce the need to coordinate separate vendors for each target type when a single program covers them.
Workflow-oriented reporting artifacts
The platform approach emphasizes standardized scoping, findings management, and report generation. This can make it easier to track remediation status over time compared with ad hoc document-only engagements. It also supports repeat testing cycles where consistent formats and evidence requirements matter.
Not a full DevSecOps suite
While it can support DevSecOps processes, an on-demand testing service is not a replacement for continuous code, dependency, and infrastructure scanning across the SDLC. Organizations may still need separate tools for SAST, SCA, container/IaC scanning, and CI/CD policy enforcement. Integration depth into developer workflows can vary by environment and may require additional setup.
Testing cadence depends on scheduling
Human-led penetration testing is inherently time-bound and may not align with rapid release cycles. Lead times, tester availability, and scope changes can affect how quickly results are returned. Teams with frequent deployments may need to complement it with continuous automated testing to reduce gaps between assessments.
Scope and depth vary by engagement
Results depend heavily on the agreed scope, time allocation, and rules of engagement. Narrow scopes can miss issues in adjacent systems (e.g., identity providers, third-party integrations, or internal services) that influence real-world risk. Organizations often need careful scoping and retesting to ensure coverage and verify fixes.
Plan & Pricing
| Plan | Price | Key features & notes |
|---|---|---|
| Ultimate | 14,995 EUR per penetration test | OWASP ASVS Level 3; Manual penetration testing: 10 days; Report writing: 2 days; Unlimited retesting; Penetration test certificate; Includes AI-powered and threat-led testing; covers web, APIs & cloud; one test may include multiple domains/subdomains/APIs. |
| Corporate Pro | 5,995 EUR per penetration test | OWASP ASVS Level 3; Manual penetration testing: 5 days; Report writing: 8 hours; Unlimited retesting; Penetration test certificate; AI-augmented testing; covers web, APIs & cloud. |
| Corporate | 2,995 EUR per penetration test | OWASP ASVS Level 2; Manual penetration testing: 3 days; Report writing: 4 hours; Unlimited retesting; Penetration test certificate; covers web, APIs & cloud. |
| Express Pro | 995 EUR per penetration test | OWASP ASVS Level 1; Manual penetration testing: 1 day; Report writing: 2 hours; Unlimited retesting; Penetration test certificate; fast delivery and instant online purchase option. |
Notes: Prices and feature mappings are taken directly from ImmuniWeb's official On-Demand product page. The page also notes: “One penetration test may include one or several domains, subdomains or APIs.” Instant Online Purchase and Expert-Guided Purchase (contact sales) options are available on the official page.
Seller details
ImmuniWeb SA
Geneva, Switzerland
2019
Private
https://www.immuniweb.com/
https://x.com/immuniweb
https://www.linkedin.com/company/immuniweb/
