WhiteHat Security Products

Better Single Sign-On for WhiteHat Security Customers

WhiteHat has just integrated PingFederate into Sentinel to provide better single-signon support to our customers. With single sign-on, your own single sign-on portal can require exactly what you want from someone logging in – username and password, or an RSA token code, or a text-back number, or a thumb scan – whatever you prefer to uniquely identify your users. This allows you to make your own security as tight as you like.

Once a user has logged in, their authentication can be “federated” – exchanged securely – with other portals, either locally or at other sites. This is where WhiteHat’s PingFederate integration comes in. That login – secured however you want to secure it – can now be transmitted to WhiteHat’s PingFederate instance, which validates it and then passes it on to Sentinel to actually do the login. Only the fact that the user is valid and their email is exchanged; passwords, internal user IDs, and any other identifying information remains on your server and never leaves it. This means you can now authenticate your Sentinel users as stringently as you do those for your own applications.

That sounds pretty nice, but we also support single sign-on for deep links into Sentinel. Those links actually link to our PingFederate instance, which uses the link to bounce you back to your own single sign-on portal and then back into Sentinel with the federated authentication. If you’re already logged in, then the process just takes you into Sentinel after automatically picking up the authentication.

Past these basic features, it’s now possible for us to extend single sign-on to provide more, like automatic provisioning of Sentinel users, directly adding and removing users in Sentinel simply by doing the same with them locally on your sign-on portal. This makes it much easier for your admins to manage Sentinel users, since they’re just like any other users on your system. We’re also looking into the possibility of integrating our Customer Success Center into PingFederate as well, to make accessing either or both Sentinel and our Customer Success Center far easier and simpler.

Remember, you need your own single sign-on solution to connect up with us – if you have one already, give us a call and ask us about integrating Sentinel. One less ID to remember, and one less password to forget!