• Support   |   Contact a Representative   |   Contact WhiteHat

• Website Risk Management
  • Asset Identification
  • Vulnerability Management
  • Reporting/Communication
  • Protection
• Sentinel Services
  • Cost-effective Solution
  • Benefits
  • Core Features
  • Selection Guidelines
  • Sentinel Premium Edition
  • Sentinel Standard Edition
  • Sentinel Baseline Edition
  • Sentinel for QA
  • PCI Compliance
  • Integration – via XML API
  • Certification Program
  • How Sentinel Works
  • WAF Integration
• Support Plus
  • Gold Service Level
  • Silver Service Level
  • Standard Service Level
  • Service Levels
• Education Services
  • Guidelines
  • Intro to Web App Security
  • Secure Coding for Java
  • .NET
• Events & News
  • News Coverage
  • Press Releases
  • Interviews
  • Awards
• Resources
  • Whitepapers
  • Webinars & Presentations
  • Jeremiah Grossman Blog
  • Website Statistics Report
  • Website Security Glossary
• Partners
  • Strategic Partners
  • Partner Application Form
  • Partner Portal Login
• About WhiteHat Security
  • Leadership Team
  • Board of Directors
  • Careers
  • Contact Us
  • Support

• Sentinel Services
• Cost-effective Solution
• Benefits
• Core Features
• Unique Methodology
• How Sentinel Works
• Selection Guidelines
• Sentinel Premium Edition
• Sentinel Standard Edition
• Sentinel Baseline Edition
• Sentinel for QA
• PCI Compliance
• Integration – via XML API
• Certification Program
• WAF Integration

Integration – via XML API

WhiteHat’s highly accurate vulnerability information combined with an open API makes WhiteHat Sentinel the only website risk management solution to provide reliable and precise website vulnerability data that can be shared and practically employed within an organization. WhiteHat Sentinel’s new integration capabilities deliver crystal clear visibility to different business stakeholders, including risk management and compliance, product management and software development teams. Organizations have greater insight into their risk posture and can take corrective action, while communicating that action across the different security tools in their infrastructure.

WhiteHat Sentinel integrates with industry leading bug tracking, security information and event management (SIEM) and Web application firewall (WAF) products, allowing website security data to be shared across departments. For the first time, website security can be integrated into an organization’s operations, delivering new levels of visibility throughout that organization and greater levels of control to security professionals.

WhiteHat offers a RESTful (Representational State Transfer) XML API. The API currently supports vulnerability data, website configurations, and policy information. The WhiteHat open API can be accessed with either a specially generated API Key, or an authenticated session ID token.

The following companies have successfully integrated with WhiteHat Sentinel via its open XML API:

• Snort® IPS developed by Sourcefire – create ultra-targeted Snort rules,expanding the capability of an IPS to reliably detect application layer attacks

• Archer Technologies – to manage enterprise risk by proactively identifying, tracking and managing the remediation of critical vulnerabilities in websites.
  
  
• Jira bugtracking system – to give developers easy access to the information necessary to fix problems in custom website code.
  
  
• Breach Security’s ModSecurity, F5 Networks ASM and Imperva SecureSphere Web Application Firewalls (WAFs) to enable real-time mitigation of website attacks.

WhiteHat Sentinel users can easily build their own integrations to streamline their internal risk management processes and direct WhiteHat’s succinct, actionable data to the correct resources.