WhiteHat Security - Website Security, PCI Compliance

:: Contact a Representative :: Information Center :: Contact WhiteHat ::

Press Releases

In the News :: Press Releases ::

WhiteHat Security Enhances its Sentinel Service to Increase Website Security and Simplify Remediation Management

Software-as-a-Service Platform Upgrades Solidify Position as Only Effective Approach to Ensure Ongoing, Comprehensive Website Security

SANTA CLARA, CA.—February 19, 2008 — WhiteHat Security, the leading provider of website vulnerability management services, today announced enhancements to its WhiteHat Sentinel Service. The latest Sentinel release provides advanced reporting to facilitate remediation, on-demand vulnerability retest and integrated Q & A features, as well as a Web-based API that enables customers to integrate Web threat findings into the website development process. Sentinel’s Software-as-a-Service (SaaS) platform offers enterprises a better way to effectively measure, monitor and manage website vulnerability remediation as part of a holistic approach to security.

New Features Offer Greater Prioritization and Flexibility; Simplify Vulnerability Remediation Process
WhiteHat Sentinel allows customers a new, customized way to rank their sites based upon a scoring system that combines the business value of each site with the severity and threat of an individual vulnerability. The end result allows customers to prioritize remediation and ensure that the most critical vulnerabilities are fixed first.

WhiteHat has also added a Q&A function to the service, a component that would not be available without the SaaS platform. Customers submit questions based on specific vulnerabilities, which are stored in the thread associated with the vulnerability information and remains accessible to development teams across the globe. This support feature creates an interactive environment for a company’s developers and allows others with similar questions to benefit from the information, creating a company-specific archive of website vulnerability history and an educational tool.

WhiteHat Sentinel’s API Enhances the SDLC, Enabling Developers to Manage Vulnerabilities
WhiteHat Sentinel’s API enables customers to integrate WhiteHat’s vulnerability data with their critical development software (including bug tracking systems) and security information systems. This makes it easier than ever for development teams to work with existing interfaces and tools for accessing and managing Web application vulnerabilities. Additionally, developers can initiate their own retests of vulnerabilities discovered by Sentinel from within their preferred software platforms, saving them valuable time. This is critical for large enterprises that have a broad range of websites with development teams spread out across geographical areas that all need access to vulnerability information. Sentinel’s integration with tools and platforms that manage the SDLC delivers significant financial and time savings and simplified management, allowing developers to avoid repeating the mistakes that enable the easy exploit of today’s worst vulnerabilities.

“With today’s websites changing by-the-minute and new threats appearing daily, organizations needs a cost-effective, easy way to manage the overall website security problem,” said Bill Pennington, vice president of services, WhiteHat Security. “As the largest provider of website vulnerability management, we have continual access to the latest threats, giving Sentinel customers the flexibility to address them within the service quickly. The enhanced WhiteHat Sentinel Service offers a simplified approach to ongoing vulnerability remediation to help maintain the integrity of your websites. Delivering our service in a SaaS model is significant, since this approach is the only way to get true and complete protection for even the largest enterprises.”

SaaS: A Proven Model for Complete Website Vulnerability Management
As a SaaS platform, WhiteHat Sentinel rounds out a customer’s security ecosystem and reduces the burden of staying current on the latest Web application vulnerabilities and attack vectors. Because Sentinel is software delivered as a service, updates and enhancements are delivered as often as weekly without long delays between versions. It provides up-to-date, comprehensive vulnerability identification, and is accessible anywhere, at any time. Sentinel does not require investment in hardware, software or personnel, allowing customers to focus on core business objectives while maintaining the scalability necessary to keep up with hundreds and thousands of constantly changing websites.

High-profile breaches, customer diligence, and regulatory compliance mandates such as PCI have driven demand for vigilant website security. It is an area of IT security that businesses of all sizes and industries have in common. As today’s enterprises struggle to implement proven methodologies and practices for securing their sites, SaaS is emerging front and center. A SaaS solution ensures greater access to the most up-to-date technology and the ability to scale as a business changes and grows which is crucial since attack vectors and vulnerabilities are always changing.

“Why security SaaS? There are a number of factors influencing its growth,” said Nick Selby, senior analyst and director, enterprise security practice, The 451 Group, a technology industry analyst company focused on the business of enterprise IT innovation, in his report. “First, companies have realized that maintaining multiple layers of security technology requires a level of attention and a range of skills that they’d rather not have to pay for if they don’t have to. Handing off those functions to a company to manage in the cloud is an attractive offer: it saves headcount and the infrastructure costs of managing it yourself.” This comment appeared in an independent report, titled “2008 preview – Enterprise security,” which was published on December 13 of 2007 (see Editor’s Note below).

WhiteHat Security is actively and continuously assessing the mission critical Web applications of more than 100 major corporations, totaling more than 600 applications. WhiteHat offers the most comprehensive solution to satisfy PCI 6.6, the Payment Card Industry’s most recent standard aimed directly at protecting custom Web applications. WhiteHat Sentinel’s revolutionary vulnerability detection methodology effectively assesses for all 24 classes of vulnerabilities identified by the Web Application Security Consortium’s (WASC) threat classification.

WhiteHat Sentinel is currently available in two service levels, Standard Edition (SE) and Premium Edition (PE), for an annual subscription fee with tiered pricing based on the number of Web applications. Contact the WhiteHat sales office at (408) 343-8300 for more information.

About WhiteHat Security, Inc.
Headquartered in Santa Clara, California, WhiteHat Security is a leading provider of website vulnerability management services. WhiteHat delivers turnkey solutions that enable companies to secure valuable customer data, comply with industry standards and maintain brand integrity. WhiteHat Sentinel, the company’s flagship service, is the only solution that incorporates expert analysis and industry-leading technology to provide unparalleled coverage to protect critical data from attacks. For more information about WhiteHat Security, please visit our website, www.whitehatsec.com.

All product and company names are trademarks of their respective companies.

Contact:
Dawn van Hoegaerden
WhiteHat Security
408.343.8314

Rachel Miller
SHIFT Communications
617-681-1256

Editor’s Note: The 451 Group’s report, “2008 preview – Enterprise security” referenced above, is an independently-produced report that was neither sponsored by nor otherwise funded directly by WhiteHat Security. The report and its entire contents are the sole property of The 451 Group, copyright 2007, and are reproduced here by permission. The entire contents of this report are available at www.the451group.com.

###

2007 Press Release Archive ›››