Project description
Automated web vulnerability scanning will help smaller companies protect sensitive business data
Web-based applications are particularly vulnerable to breaches, and attacks are increasing rapidly. Companies often hire costly and time-consuming manual penetration testing services, but many either cannot afford them or do not test often enough due to the time-consuming nature of the services. The Portuguese SME Probe.ly has developed a market-changing software-as-a-service that conducts automated web vulnerability scanning. The solution can be implemented in an agile environment by a company’s software developers. The EU-funded Probe.ly project will support the team in optimising the software and planning the road to commercialisation.
Objective
The number of publicly reported breaches with sensitive and business data exposed, has been increasing significantly year after year. Web application attacks are the most common attack pattern, with 40% of all breaches. These attacks exploit vulnerabilities that were introduced in the applications inadvertently by their developers.
The most popular solution companies use to find vulnerabilities is to hire penetration testing services. However, these services are a) costly because they are performed manually and b) to manage all of the findings is very time consuming.
Due to these two reasons, companies don’t test the security of their applications as frequently as they should.
Probe.ly automates web vulnerability scanning. Our customers can cost effectively scan web applications and efficiently manage the lifecycle of the vulnerabilities found in an intuitive web interface. As opposed to Web Application Penetration testing, Probe.ly since it is automated, can offer a very competitive price and address a new market of small companies that do not have the budget for penetration testing services. The objective of our proposal is to enhance R&D to create a viable solution that helps companies to identify vulnerabilities in their web applications, contributing to safer applications and a safer Internet. We believe that, as opposed to the majority of our competitors, targeting
Developers is the right way, since they are the ones that introduced the vulnerabilities, but also because we can take a more educational role by explaining to them why the vulnerability exists, its impact and how to avoid future problems.
Our market is worldwide and is targeted at companies that have a development team and build online services.
Our pricing is based on a subscription model (SaaS) with self-onboarding for smaller companies and through a network of resellers to larger companies.
Fields of science (EuroSciVoc)
CORDIS classifies projects with EuroSciVoc, a multilingual taxonomy of fields of science, through a semi-automatic process based on NLP techniques.
CORDIS classifies projects with EuroSciVoc, a multilingual taxonomy of fields of science, through a semi-automatic process based on NLP techniques.
- natural sciencescomputer and information sciencesinternet
- natural sciencescomputer and information sciencescomputer securitydata protection
- natural sciencescomputer and information sciencessoftwaresoftware development
- natural sciencescomputer and information sciencessoftwaresoftware applications
You need to log in or register to use this function
Programme(s)
Funding Scheme
SME-1 - SME instrument phase 1Coordinator
4460-686 MATOSINHOS
Portugal
The organization defined itself as SME (small and medium-sized enterprise) at the time the Grant Agreement was signed.