This month has been a great month for improving our self-service options in the Sentinel portal, all fueled by customer requests.
First of all, we have created the ability for customers to add their own Associated Host Names (AHN) to a site. Previously handled through opening cases or calling support, this new feature allows customers to add up to ten AHN per site as they set up a new scan, either Basic, Standard, or Premium Edition. Sentinel administrators can add AHNs during onboarding, or after the site has been boarded from the Asset > Overview tab.
Once the AHN has been registered, WhiteHat TRC will verify that the added AHN is part of the same site. Sentinel users and admin are kept updated of the WhiteHat decision through the Status indicator visible next to each AHN. Various states include: Pending Verification, Verified, or Rejected. Sentinel admins can delete “Rejected” and “Pending Verification” status AHNs. Example:
As with most administration and questions, all AHN related activity will be logged into “Activity Log” as part of maintaining a site audit trail. This feature will be released on 3/29/2018 to all WH DAST customers.
Business Logic Assessments (BLA) complement the Premium Edition dynamic scanning, providing the third-party web application penetration test required for many compliance items and best practices. Already available is the ability for administrators to schedule their own Business Logic Assessments (BLA.) WhiteHat recommends scheduling your BLA either immediately (especially for sites that are newly covered under a BLA license) or as best suits the business processes to ensure that major changes to your site are reviewed promptly.
Again, this capability bypasses the need for emails and cases, and puts the power of deciding when to schedule the BLA right at our customers’ fingertips, along with reviewing the newly re-designed BLA report.
For customers, there is more detailed information available in the document Understanding and Managing Business Logic Assessments in Salesforce. Once you have successfully scheduled your BLA, you will see a confirmation in the Assets tab here:
We hope these updates and new capabilities will allow our customers greater control and transparency, both to interact with Sentinel to add AHNs and scheduling BLAs appropriate to their websites.