Knowledge Center

Frequently Asked Questions

Continuous Assessments for Production Web Applications

Why should you continuously scan and test your production web applications? 

Web applications are the core of your digital business, and web application attacks represent the one of the greatest risks to an organization, being the target of more than 40% of all attacks made. Your web applications may not update regularly or often. Perhaps the main code doesn’t change often. If this is the case if may seem unnecessary to continuously scan your web applications.

But this may not always be the case. Websites can be attacked or changed, or updated with a new feature that may or may not have been carefully vetted by security controls. 

Why is change protection important? 

Web security is an ever-changing industry, and there are constantly new attacks being written. As security engineers finds ways to remediate known vulnerabilities, attackers are finding new vulnerabilities or different ways to exploit known vulnerabilities. In addition, with the growth of news coverage touching on web application hacks, having weak web security or insufficient security controls could have a negative effect on your brand. 

Why do you need to setup dynamic scanning? 

The dynamic threats and unstable dangers are why you need to constantly monitor and scan your production website with Dynamic Application Security Testing (DAST). Your website is the most publicly- accessible entrance to your IT ecosystem, so this is often where an attacker will start looking for weakness. Your website is a portal to where your customer’s data will be stored via APIs to your database, and the consequences of disclosing this and other personal information are high. 

What is the benefit for continuous assessment? 

When you are continuously monitoring your production site with regular security scans, you will be more aware than ever of changes and updates, and increase your awareness of the dangers to your site. WhiteHat understands that web security is always evolving, and we make sure our scan and testing evolves along with it. We add new tests and update vulnerability descriptions as they are needed, to refine our scans and help protect against zero-days. This allows us to notify you about new vulnerabilities early, which allows you to work towards remediating issues sooner. 

What is the solution? 

WhiteHat Sentinel Source is a software-as-a-service platform that enables your business to protect your internal applications by deploying a scalable application security program. By combining our technology with the human intelligence of the world’s largest security team of our Threat Research Center, we deliver the world’s most powerful solutions for detecting security vulnerabilities in your internal applications with near zero false positives. 

Designed with production-safe principles in every scan configuration, the Sentinel DAST scanning re- validates previous findings and looks for any changes that might have taken place since the last scan. These can include frequent or untested patches, new plug-in applications, new zero-day vulnerabilities, or configuration updates with unintentional side effects.