Shockingly, application security is an often-overlooked area in the enterprise cybersecurity lineup, despite its clear criticality. After a year plagued by major data breaches caused by application-based vulnerabilities (think TaskRabbit, Ticketmaster, USPS and more), 2019 is the perfect time for organizations to consider implementing security practices into the build/test phase of their app development process and beyond. This will not only be a major step toward turning DevOps into DevSecOps but can help their brands stay out of the headlines and maintain customer trust.
To illustrate this need, WhiteHat Security recently released the 2018 Application Security Statistics Report. And it revealed a glaring problem: up to 70 percent of every application is comprised of reusable software components (e.g. third-party libraries, open source software (OSS), etc.). That translates to applications also “inheriting” the vulnerabilities in those software components. Thus, securing software requires technologies capable of detecting vulnerabilities in the code and components.
Now, to make this level of application security even more accessible to businesses, WhiteHat is announcing the general availability (GA) of its new ‘Essentials’ product line, with the launch of two solutions: Sentinel Source Essentials Edition and Sentinel SCA Essentials Edition. The streamlined ‘Essentials’ products have been created to help organizations meet the needs of the DevOps build/test phase by offering high-speed and fully-automated security testing with comprehensive code coverage. The ‘Essentials’ high-speed solutions cut down scan times, helping developers get the vulnerability assessment results they need faster.
Through the new ‘Essentials’ product line, WhiteHat Security now offers nine products covering the programming, building/testing and operating of the development cycle. The ‘Essentials’ product line will continue to grow but currently includes:
Sentinel SCA Essentials Edition, a standalone, fully-automated software composition analysis (SCA) service that rapidly and accurately identifies third-party and open source components used in an organization’s applications, delivering what is known as the software Bill of Materials. For each of these components, Sentinel SCA Essentials Edition identifies any open security common vulnerabilities and exposures (CVEs), licenses, and out-of-date library versions.
Sentinel Source Essentials Edition, provides high-speed, fully-automated static application security testing (SAST). These findings are comprehensive and highly accurate due to the use of WhiteHat’s Attack Vector Intelligence (AVI) technology. Discovered vulnerabilities are prioritized according to their severity, thus providing guidance on what should be remediated first.
This new line will complement WhiteHat’s existing flagship Sentinel Source Standard Edition solution, which includes fully-verified findings and unlimited access to WhiteHat Threat Research Center engineers.
‘Essentials’ products support WhiteHat’s goal to provide a specific, dedicated flavor of application security testing and SCA products for each DevOps persona: programmers with WhiteHat Scout, builders and testers with Sentinel Source and Sentinel SCA Essentials Editions, and deployment specialists with Sentinel Source Standard Edition. With more applications being pushed out than ever, the ‘Essentials’ product line gives organizations technology options that enable security teams to earn quick wins by having developers rapidly detect and remediate security vulnerabilities – a major step in achieving DevSecOps.
To learn more about ‘Essentials’ and how they can help secure your business critical applications, visit :