WhiteHat Sentinel Premium Edition
WhiteHat Sentinel Premium Edition (PE) is ideal for larger, more complex, mission-critical, public-facing websites that are high-risk attack targets. These websites normally require frequent code updates, increasing the likelihood of introducing new vulnerabilities.
The key differentiator between Sentinel SE and Sentinel PE is the inclusion of custom testing by the WhiteHat Security Operations Team to manually identify business logic flaws. Uncovering these types of vulnerabilities requires manual review of a website by security experts who are capable of understanding things like account structures and the contextual logic in Web applications.
Sentinel PE Assesses for the 24 + 2* Classes of Vulnerabilities

Technical Vulnerabilities

Command Execution
– Buffer Overflow
– Format String Attack
– LDAP Injection
– OS Commanding
– SQL Injection
– SSI Injection
– XPath Injection
Information Disclosure
– Directory Indexing
– Information Leakage
– Path Traversal
– Predictable Resource Location
Client-Side
– Content Spoofing
– Cross-site Scripting (XSS)
– HTTP Response Splitting*

Business Logic Flaws

Authentication
– Brute Force
– Insufficient Authentication
– Weak Password Recovery Validation
– Cross-Site Request Forgery*
Authorization
– Credential/Session Prediction
– Insufficient Authorization
– Insufficient Session Expiration
– Session Fixation
Logical Attacks
– Abuse of Functionality
– Denial of Service
– Insufficient Anti-automation
– Insufficient Process Validation