Automated Website Security Testing Pentest Blog

Is your website secure?

Find out for free!

PurpleRidge Security™ is an automated website security testing service designed for organizations without dedicated security or IT teams, yet require security testing. The service is also used by businesses to verify their websites stay protected.

PurpleRidge™ Security follows the security best practices of the OWASP Top 10 Compliance test. Know as a penetration test or pentest, the OWASP model organizes test results into 10 well-defined categories you need to understand if your site has vulnerabilities. If vulnerabilities are found, you’ll see them in the Free report.

Organizations ranging from Ecommerce, legal and professional services, retail stores, VC firms, realtors, and more, rely on PurpleRidge™ Security to test their websites for vulnerabilities.

What makes PurpleRidge™ Security unique?

Free to test

Only pay if vulnerabilities are found and you want a report (no strings attached) the penetration test, test summary including the full list of attack surfaces report are free. Yes free! You only pay to view the comprehensive report.

Easy to use

The test is a click away, with a minimal technical background required.

Experts to trust

The enabling technology behind PurpleRidge™ was RidgeBot®, an AI-based automated security validation platform developed by Ridge Security, cyber security experts over decades managing security and building automated tools to streamline security.

FREE! Attack Surface Report

FREE! Summary Report

FREE! play with sample testing and get a free sample report

  • Comprehensive security posture measurement: attack surfaces, vulnerabilities and risks.
  • Blackbox testing only with your public domain name
  • Formatted OWASP Top 10 Compliance Report
  • One-click test, extremely easy-to-operate
  • Pay as you view

PurpleRidge™ Security Performs These Tests, Automatically

Cross-site Scripting (XSS)

SQL Injection

File Upload

Remote File Inclusion (RFI)

Local File Inclusion (LFI)

HTTP Host Header Injection

Cross Site Request Forgery (CSRF)

XML External Entity (XXE) Injection


Server Side Request Forgery (SSRF)

HTTP Request Smuggling

OS Command Injection

Insecure Deserialization

Directory and Path Traversal

Authentication Bypass

Information Disclosure

Last but not least known web application and web framework vulnerabilities

Contact our Enterprise Team if you have:

  1. Website that requires login
  2. Website with a single-page design
  3. If you want to test your internal windows or Linux servers

Follows Industry Standard “OWASP” Best-Practices

PurpleRidge automatically tests your website security posture following the OWASP Top 10 Compliance Test. It clearly indicates what OWASP Top 10 test have been done and what are the gaps.

PurpleRidgeâ„¢ Security Finds and Validates Vulnerabilities

PurpleRidge’s AI-enable technology leverages today’s most advanced threat vectors to identify and validate weaknesses in your website security. PurpleRidgeâ„¢ looks for a wider variety of threat types along with testing known weaknesses left unchecked after software updates or even the original installation of core software.

We recommend re-running the pentest quarterly, monthly, or even weekly whenever your site has any updates or changes.

The Difference Between Vulnerability Scanning and Penetration Testing

Watch a short video explaining how these two tests differ and why both are needed.

Managing Business Risk

With PurpleRidge™ identifying exploitable vulnerabilities in your particular environment, your development team can quickly size up the business risk these vulnerabilities present before taking action. They have the option to purchase a comprehensive set of instructions specific to your website and the vulnerabilities validated by the testing process.


Get started for free!

Once you sign up for PurpleRidge Security the process of setting up your account is well-documented and easy to follow. We recommend having your webmaster or IT consultant complete the configuration once the account has been created.

Best Wordpress Popup Plugin