WhiteHat Security Enhances its Sentinel Service to Increase Website Security and Simplify Remediation Management
Posted on February 20, 2008
Filed Under Security, Tech Biz, WiFi
SANTA CLARA, Calif., Feb. 19 /PRNewswire/ — WhiteHat Security, the
leading provider of website vulnerability management services, today
announced enhancements to its WhiteHat Sentinel Service. The latest
Sentinel release provides advanced reporting to facilitate remediation,
on-demand vulnerability retest and integrated Q & A features, as well as a
Web-based API that enables customers to integrate Web threat findings into
the website development process. Sentinel’s Software-as-a-Service (SaaS)
platform offers enterprises a better way to effectively measure, monitor
and manage website vulnerability remediation as part of a holistic approach
to security.
New Features Offer Greater Prioritization and Flexibility; Simplify
Vulnerability Remediation Process
WhiteHat Sentinel allows customers a new, customized way to rank their
sites based upon a scoring system that combines the business value of each
site with the severity and threat of an individual vulnerability. The end
result allows customers to prioritize remediation and ensure that the most
critical vulnerabilities are fixed first.
WhiteHat has also added a Q&A function to the service, a component that
would not be available without the SaaS platform. Customers submit
questions based on specific vulnerabilities, which are stored in the thread
associated with the vulnerability information and remains accessible to
development teams across the globe. This support feature creates an
interactive environment for a company’s developers and allows others with
similar questions to benefit from the information, creating a
company-specific archive of website vulnerability history and an
educational tool.
WhiteHat Sentinel’s API Enhances the SDLC, Enabling Developers to
Manage Vulnerabilities
WhiteHat Sentinel’s API enables customers to integrate WhiteHat’s
vulnerability data with their critical development software (including bug
tracking systems) and security information systems. This makes it easier
than ever for development teams to work with existing interfaces and tools
for accessing and managing Web application vulnerabilities. Additionally,
developers can initiate their own retests of vulnerabilities discovered by
Sentinel from within their preferred software platforms, saving them
valuable time. This is critical for large enterprises that have a broad
range of websites with development teams spread out across geographical
areas that all need access to vulnerability information. Sentinel’s
integration with tools and platforms that manage the SDLC delivers
significant financial and time savings and simplified management, allowing
developers to avoid repeating the mistakes that enable the easy exploit of
today’s worst vulnerabilities.
“With today’s websites changing by-the-minute and new threats appearing
daily, organizations needs a cost-effective, easy way to manage the overall
website security problem,” said Bill Pennington, vice president of
services, WhiteHat Security. “As the largest provider of website
vulnerability management, we have continual access to the latest threats,
giving Sentinel customers the flexibility to address them within the
service quickly. The enhanced WhiteHat Sentinel Service offers a simplified
approach to ongoing vulnerability remediation to help maintain the
integrity of your websites. Delivering our service in a SaaS model is
significant, since this approach is the only way to get true and complete
protection for even the largest enterprises.”
SaaS: A Proven Model for Complete Website Vulnerability Management
As a SaaS platform, WhiteHat Sentinel rounds out a customer’s security
ecosystem and reduces the burden of staying current on the latest Web
application vulnerabilities and attack vectors. Because Sentinel is
software delivered as a service, updates and enhancements are delivered as
often as weekly without long delays between versions. It provides
up-to-date, comprehensive vulnerability identification, and is accessible
anywhere, at any time. Sentinel does not require investment in hardware,
software or personnel, allowing customers to focus on core business
objectives while maintaining the scalability necessary to keep up with
hundreds and thousands of constantly changing websites.
High-profile breaches, customer diligence, and regulatory compliance
mandates such as PCI have driven demand for vigilant website security. It
is an area of IT security that businesses of all sizes and industries have
in common. As today’s enterprises struggle to implement proven
methodologies and practices for securing their sites, SaaS is emerging
front and center. A SaaS solution ensures greater access to the most
up-to-date technology and the ability to scale as a business changes and
grows which is crucial since attack vectors and vulnerabilities are always
changing.
“Why security SaaS? There are a number of factors influencing its
growth,” said Nick Selby, senior analyst and director, enterprise security
practice, The 451 Group, a technology industry analyst company focused on
the business of enterprise IT innovation, in his report. “First, companies
have realized that maintaining multiple layers of security technology
requires a level of attention and a range of skills that they’d rather not
have to pay for if they don’t have to. Handing off those functions to a
company to manage in the cloud is an attractive offer: it saves headcount
and the infrastructure costs of managing it yourself.” This comment
appeared in an independent report, titled “2008 preview — Enterprise
security,” which was published on December 13 of 2007 (see Editor’s Note
below).
WhiteHat Security is actively and continuously assessing the mission
critical Web applications of more than 100 major corporations, totaling
more than 600 applications. WhiteHat offers the most comprehensive solution
to satisfy PCI 6.6, the Payment Card Industry’s most recent standard aimed
directly at protecting custom Web applications. WhiteHat Sentinel’s
revolutionary vulnerability detection methodology effectively assesses for
all 24 classes of vulnerabilities identified by the Web Application
Security Consortium’s (WASC) threat classification.
WhiteHat Sentinel is currently available in two service levels,
Standard Edition (SE) and Premium Edition (PE), for an annual subscription
fee with tiered pricing based on the number of Web applications. Contact
the WhiteHat sales office at (408) 343-8300 for more information.
About WhiteHat Security, Inc.
Headquartered in Santa Clara, California, WhiteHat Security is a
leading provider of website vulnerability management services. WhiteHat
delivers turnkey solutions that enable companies to secure valuable
customer data, comply with industry standards and maintain brand integrity.
WhiteHat Sentinel, the company’s flagship service, is the only solution
that incorporates expert analysis and industry-leading technology to
provide unparalleled coverage to protect critical data from attacks. For
more information about WhiteHat Security, please visit our website,
http://www.whitehatsec.com.
Editor’s Note: The 451 Group’s report, “2008 preview — Enterprise
security” referenced above, is an independently-produced report that was
neither sponsored by nor otherwise funded directly by WhiteHat Security.
The report and its entire contents are the sole property of The 451 Group,
copyright 2007, and are reproduced here by permission. The entire contents
of this report are available at http://www.the451group.com.
Contact:
Dawn van Hoegaerden Rachel Miller
WhiteHat Security SHIFT Communications
408-343-8300 617-779-1856
dawn@whitehatsec.com whitehat@shiftcomm.com
SOURCE WhiteHat Security
Share ThisComments
Leave a Reply