Through a combination of core products and strategic partnerships, WhiteHat Security provides complete Web security at a scale and accuracy unmatched in the industry. WhiteHat Sentinel, the company’s flagship product line, currently manages thousands of websites – including sites in highly regulated industries, such as top e-commerce, financial services and healthcare companies.
WhiteHat Sentinel Services
Prevent website attacks using the most complete Web security solution for companies of any size. WhiteHat Sentinel, the industry’s leading SaaS application security testing platform, protects some of the largest companies in the world, including leading banks, software companies, online retailers, and consumer products manufacturers.
Unlike traditional website scanners or consultants, WhiteHat Sentinel is the only solution to combine an advanced, cloud-based security platform with a team of security engineers—the WhiteHat Security Threat Research Center (TRC)—who act as an extension to your security team.
This combination helps secure sites in the toughest, most regulated industries across the Web.
WhiteHat Security provides solutions to identify and remediate website security vulnerabilities in every stage of the SDLC.
Always-on risk assessment delivers:
- Alerts for newly discovered vulnerabilities
- Metrics to identify improvement in security measures over time
- Automatic detection and assessment of code changes to web applications
Zero False Positives
Verified, prioritized results eliminate false positives and streamlines the remediation process, including:
- Vulnerabilities are custom prioritized by risk — to target high priority issues
- Clear actions and notifications for fixing issues
- Eliminate triage of false positives and save valuable developer time and resources
Threat Research Center
WhiteHat Security Engineers serve as an extension of your own website security team, providing:
- Direct access to a security engineer for remediation guidance
- Active management of your risk posture
- Proof of concepts for vulnerability exploits
- Tracks real time and historical data to measure your risk exposure over time.
Trending analysis offers:
- At-a-glance view of exposure ratings and progress at closing vulnerabilities
- Comparison of your company’s security profile against other organizations in your industry
- Customers range from start-ups to the Fortune 500
- Tens of thousands of simultaneous assessments
- Millions of vulnerabilities processed per week
Unique features for Sentinel Services
Business Logic Testing
Sentinel Premium Edition subscribers receive special testing to find business logic vulnerabilities. This service entails:
- Creating a customized testing scheme developed and performed by WhiteHat Security Engineers
- Mapping out your Web application, users, roles, and custom business workflow
- Identifying and validating account privileges across roles and between users
- Prioritizing vulnerabilities based on your business goals and intentions
Scanner Configuration and Continuous Tuning
- Sentinel Services includes assessment customization to ensure that Sentinel properly tests all forms and software languages, including Ajax/Web 2.0 requests and Rich Internet Applications, and to maximize scan coverage. This customization is designed to support a production-safe assessment-testing environment, including:
- Reviewing Web 2.0, rich Internet applications and Ajax requests
- Monitoring, tuning, and customizing scans to ensure thorough coverage
WhiteHat Sentinel delivers a proven, scalable, and affordable enterprise application security platform, accelerating the identification and remediation of Web application security vulnerabilities:
- Sentinel Source directly assesses source code during development to uncover difficult-to-detect vulnerabilities in production, enabling remediation earlier in the development cycle.
- Sentinel PL strengthens Web application security at launch by assessing Web applications and providing remediation guidance in pre-production and staging environments.
- Every Sentinel service includes full vulnerability verification by the TRC, which verifies the accuracy of all vulnerabilities, virtually eliminating false positives and dramatically simplifying remediation.
- Sentinel integration with leading Web application firewalls closes the gap between vulnerability detection and remediation with highly targeted virtual patching.
As a part of every Sentinel subscription, members of the TRC analyze your Web application inputs, state-changing requests, and any sensitive functionality to customize testing for safety first, then for depth and coverage. Custom tuning of scans permits full coverage without performance impact, including:
- Eliminating any performance degradations—canning payload is equivalent to a single user
- Assuring data integrity—using benign injections in place of live code
WhiteHat also offers specialized services to analyze and detect vulnerabilities during SDLC (Sentinel Source)