Press Releases

Virginia Commonwealth University Enrolls WhiteHat Security and its Application Security Platform to be the Foundation of its Application Vulnerability Management Program

Near-zero false positives, combination of SAST and DAST services, and remediation guidance expedite time-to-value  

San Jose, Calif., March 6, 2018 – WhiteHat Security, the leading application security provider committed to securing digital business, today announced that renowned academic institution Virginia Commonwealth University (VCU), has selected WhiteHat Security to keep its complex ecosystem of mission-critical applications secure. VCU has chosen the WhiteHat Sentinel Source static application security testing (SAST) solution to ensure security is addressed early in the software development lifecycle (SDLC); and the WhiteHat Sentinel Dynamic solution for dynamic application security testing (DAST) to provide continuous vulnerability assessments of VCU’s live websites, ensuring the Richmond-based academic institution remains secure and compliant.

With more than 31,000 students and more than 2,200 full time teaching and research faculty members from 13 different schools, the university needed a solution to help them meet compliance and regulatory needs and to enjoy all the benefits of digital transformation without the security headaches.

VCU is a federated environment, so there is autonomy within departments when it comes to making most IT-related decisions. However, the university’s information security team is responsible for overall security across VCU departments and centers. The increasing pace of cyber attacks, combined with the need to adhere to multiple compliance standards – including FERPA, NIST 800-171, PCI and HIPAA – led VCU’s Infosec team to develop an application vulnerability management program, with application security at its core. The team evaluated a number of appsec vendors through a rigorous process to identify the right solution.

Following the review process, VCU turned to WhiteHat Security’s Application Security Platform, which provides a combination of SAST and DAST services. WhiteHat’s SAST service, Sentinel Source, provides developers with a solution that can quickly and accurately identify security vulnerabilities during the application development process, and provide actionable, prioritized results with custom remediation advice. WhiteHat’s DAST solution, Sentinel Dynamic, continuously scans websites for vulnerabilities, providing automatic detection and assessment of code changes and alerting for newly discovered vulnerabilities. Additionally, unlike alternative offerings, all vulnerability results are verified by WhiteHat’s Threat Research Center (TRC) security experts to remove false positives, and customers have direct support access to TRC engineers through the platform’s “Ask a Question” feature.

“We had to build our application vulnerability management program from the ground up, and WhiteHat guided us through this process,” said the contract administrator at Virginia Commonwealth University who led this deployment. “Although we’re still in the early stages of deployment, we have already noticed that our application developers are taking a more proactive approach to remediating vulnerabilities found by the WhiteHat platform. Combined with the continuous scanning provided by Sentinel Dynamic, we feel we’re doing everything possible to minimize our windows of exposure to cyber threats.”

“We were very impressed with the thoughtful and thorough evaluation process that the VCU team used to determine the right solution for their application vulnerability management program,” said Matthew Handler, Chief Revenue Officer at WhiteHat Security. “Universities are challenged to secure the business of running the institution, as well as that of meeting many different compliance mandates. We’re delighted and honored that VCU chose WhiteHat Security to help them secure the digital lives of their employees, students and the local population they serve, and to meet the myriad compliance mandates unique to each division across the university.”

Learn more about the WhiteHat Application Security Platform, read the WhiteHat blog, check out other customer success stories, or visit the WhiteHat Threat Research Center.


About Virginia Commonwealth University

Virginia Commonwealth University is a major, urban public research university with national and international rankings in sponsored research. Located in downtown Richmond, VCU enrolls more than 31,000 students in 225 degree and certificate programs in the arts, sciences and humanities. Seventy-nine of the programs are unique in Virginia, many of them crossing the disciplines of VCU’s 13 schools and one college. For more, please visit


About WhiteHat Security

WhiteHat Security has been in the business of securing applications for over 15 years. In that time, we’ve seen applications evolve and become the driving force of the digital business, but they’ve also remained the primary target of malicious hacks. The WhiteHat Application Security Platform is a cloud service that allows organizations to bridge the gap between security and development to deliver secure applications at the speed of business. This innovative platform is one of the reasons why WhiteHat has won numerous awards and been positioned by Gartner as a Leader in application security testing four times in row.  The company is headquartered in Santa Clara, Calif., with regional offices across the U.S. and Europe. For more information on WhiteHat Security, please visit, and follow us on TwitterLinkedIn and Facebook.




Press Contact:
Emily Gallagher

Ph: 512-373-8500

Tags: application security