Breaking News

WhiteHat Continues Security Market Leadership in 2018

With an expanding client roster, key executive leadership appointments and widespread adoption of its platform, 2018 was a banner year for WhiteHat Security, one that saw more than 35 percent growth and the highest customer retention to date. Fittingly, WhiteHat closed out the year with Q4 as the biggest quarter in the company’s 17-year history.

In 2018, WhiteHat’s new and existing clients took steps to embrace DevSecOps by integrating WhiteHat’s static application security testing (SAST), dynamic application security testing (DAST) and software composition analysis (SCA) capabilities throughout their software lifecycle and achieved their goals of reducing risks due to application vulnerabilities, while keeping budgets in check and meeting their project schedules.

Meanwhile, WhiteHat’s employee headcount expanded to address growing business and operational needs. Across North America and EMEA, 112 new hires included: 

  • Joseph Feiman, chief strategy officer, driving overarching business strategy and vision with CEO Craig Hinkley. Feiman spent 18 years at Gartner as an analyst, where he co-founded the application security market category and defined nearly all of the terms used in the space.
  • Monier Jalal, vice president of Product Management, responsible for driving the strategy and the delivery of application security product suite.
  • Matthew Hutchinson, vice president of Marketing, instrumental in amplifying WhiteHat’s recognition as an established, worldwide leader in DevSecOps and application security.

Product Innovation Highlights

 In September, WhiteHat introduced new, artificial intelligence (AI) software into its WhiteHat Sentinel Dynamic, dynamic application security testing (DAST) solution, which draws from a data lake of 95 million identified vulnerabilities. The AI enhancements deliver the highest level of accuracy in the shortest timeframe, traditionally only achieved through fully automated testing with additional human verification. The software will dramatically decrease threat vector identification times and improve the efficiency of false positive identification.

To continue executing on WhiteHat’s nine-box DevSecOps strategy by providing three types of DAST, SAST and SCA, the company just launched its Sentinel ‘Essentials’ product line. The line is comprised of Sentinel Source Essentials Edition and Sentinel SCA Essentials Edition to provide SAST and SCA respectively for the build phase of the software lifecycle.

Significant advancements were also made to WhiteHat’s Attack Vector Intelligence™ (AVI) technology, so it can automatically identify false SAST vulnerabilities without manual verification from the Threat Research Center (TRC), thus reducing false positive rates. Additionally, a Jenkins plugin was updated with options to fail CI/CD builds if new vulnerabilities are found. This enables “release assurance” for DevOps customers. The total number of supported languages that can be scanned using WhiteHat Sentinel Source and WhiteHat SCA increased to nine, and includes: Java, C#, PHP, Objective-C, JavaScript, HTML/5, XML, and now TypeScript and Python (Beta), popular programming languages used to develop large applications for client- or server-side execution.

DevSecOps is Critical to Securing the Enterprise

WhiteHat’s 13thannual application security report became a call to arms for DevOps teams, because it identified security vulnerabilities and challenges introduced into the enterprise through traditional applications, and through agile development frameworks, microservices, application programming interfaces (APIs) and cloud architectures. Additionally, the report proved that digital transformation initiatives are creating more insecure apps than ever before and increasing overall business risk.

 Education and Certification

 2018 saw WhiteHat continue its commitment to the education and training of the wider security and developer community, especially when the industry is faced with skills shortages in these critical functions of the digital era. WhiteHat held a new “Crash Course” series of webinars with application security engineer, Kimberly Chung, who runs the WhiteHat Academy. The series complements the successful WhiteHat Certified Secure Developer (WCSD) program. Additionally, WhiteHat offered an on-demand version of the  “Security Addendum to the Twelve Factor App”  based on the Twelve Factor App, a methodology that developers can apply to build SaaS apps that are both scalable and maintainable in a DevOps world.

Thought Leadership and Awards

 A series of industry awards were bestowed upon WhiteHat in 2018, including being named a leader in application security in the second annual Cyber Defense Global Awards program from Cyber Defense Magazine; recognized as a winner in the 2018 Cybersecurity Breakthrough Awards, as well as the industry’s leading information security research and advisory guide, Info Security Products Guide’s 2018 Global Excellence Awards.

Partner Development

 After introducing its innovative WhiteHat Partner Network last year, WhiteHat inked partnerships with Bugcrowd, the leading crowdsourced security platform, to broaden the WhiteHat Sentinel™ application security testing portfolio with crowdsourced, continuous vulnerability testing, and Coalfire, a provider of cybersecurity advisory and assessment services.

Tags: DevSecOps