The flagship offering from WhiteHat Security, WhiteHat Sentinel is a Web application vulnerability scanning, assessment, and reporting service. It is hosted by the vendor and accessed by customers via a Web portal interface. Customers can perform scans on demand, or can schedule scans to occur daily, weekly, or whenever the target application changes (weekly scans are most typical). Pricing is per Web site: the customer pays an annual fee for the right to perform an unlimited number of scans on that site.
The scanning technology itself is proprietary, with the vendor stating that thousands of sites can be scanned simultaneously via a "non-invasive" and "non-destructive" (tests do not seek to bring down the target site) methodology that processes a maximum of three requests against the target site per second and purposely does not download images. Automated logins to protected site areas are supported--both for authentication testing and for allowing the scanner to access the areas--as is the scanning of applications utilizing JavaScript, Flash, AJAX, Java Applets, or ActiveX.
The scanning technology is based on the identification of 24 classes of vulnerabilities as defined by the WASC (Web Application Security Consortium), which themselves include and expand the OWASP Top Ten. Such vulnerabilities are grouped into categories including authentication (brute force testing, weak passwords, etc.), authorization, client-side exploits (content spoofing, cross-site scripting), command execution (buffer overflow, SQL injection, etc.), information disclosure, and logical attacks.
Augmenting the scans themselves are the vendor's security engineers: individuals who set up, configure, and manage the scans on each Web site, verify the vulnerabilities discovered by the scans, and perform any necessary custom testing of application business logic as part of the vulnerability assessment, in order to identify potential vulnerabilities that automated scans would not notice.
As noted above, customers access the service and collected data via a Web management interface; communications with this interface are protected via 128-bit SSL (and the stored vulnerability database itself is protected via 256-bit AES encryption). Available information includes historical vulnerability tracking (each reported vulnerability is labeled with an ID, Web site, severity rating, discovered date, and resolved date) and remediation data; reports are customizable and can be exported to HTML or PDF.
Other components/features of the WhiteHat Sentinel platform include the WhiteHat Satellite appliance, and the WhiteHat Web Services API.
While WhiteHat Sentinel scans operate on publicly accessible Web applications, WhiteHat Satellite is an on-premise appliance that augments the Sentinel service and provides scanning capabilities for Web applications behind the corporate firewall.
Meanwhile, the WhiteHat Web Services API provides a programmatic interface to the customer's vulnerability data, allowing the information to be integrated into the customer's own security management systems. The API allows the customer to retrieve vulnerability data from their Sentinel account in XML format, containing all vulnerabilities in open and closed status. Enhancements to the API in the latest release include support for listing and updating site information (including credentials), the ability to limit vulnerability report results to those of interest, the ability to request a vulnerability retest and retrieve the status of such tests, and XML enhancements including an XML Schema for each type of XML document and XSL Stylesheets for Site XML.
New in the latest WhiteHat Sentinel release is a scoring system that allows customers to combine a site's business value with the potential severity of the discovered risk in order to prioritize vulnerabilities, and a Q/A function that allows customers to submit questions regarding vulnerabilities; the questions are stored with the vulnerability's information and made accessible to all other developers in the company for educational and historical reference.
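The two preceding paragraphs describe pulling vulnerability XML through the Web Services API and ranking findings by business value combined with severity. The following is an added example, not code from WhiteHat or from this page, of how a customer's own tooling might consume such an export. The page does not reproduce WhiteHat's XML Schema, so the element and attribute names, the 1-5 scales, the sample sites and the conservative default for unlisted sites are all assumptions; the sample XML is constructed for the example.

```python
"""Added example: consume a Sentinel-style vulnerability XML export and
rank open findings by business value x severity.

The XML layout below is a constructed stand-in. WhiteHat publishes an XML
Schema for its documents, but that schema is not on this page, so element
and attribute names here are assumptions, not the real API format.
"""
import xml.etree.ElementTree as ET
from dataclasses import dataclass
from datetime import date
from typing import Optional

# Constructed sample export (hypothetical schema; not real WhiteHat output).
SAMPLE_XML = """\
<vulns>
  <vuln id="10001" site="shop.example.com" class="SQL Injection"
        severity="5" status="open" found="2008-03-02"/>
  <vuln id="10002" site="shop.example.com" class="Cross-Site Scripting"
        severity="3" status="open" found="2008-03-02"/>
  <vuln id="10003" site="shop.example.com" class="Information Leakage"
        severity="2" status="closed" found="2008-01-15" resolved="2008-02-01"/>
  <vuln id="20001" site="blog.example.com" class="Brute Force"
        severity="4" status="open" found="2008-03-05"/>
</vulns>
"""

# Business value per site on an assumed 1-5 scale; the product lets the
# customer assign this per site, the exact scale is not given on the page.
SITE_VALUE = {"shop.example.com": 5, "blog.example.com": 2}


@dataclass
class Vuln:
    vuln_id: str
    site: str
    vuln_class: str
    severity: int
    status: str
    found: date
    resolved: Optional[date]


def parse_vulns(xml_text: str) -> list[Vuln]:
    """Parse the export into Vuln records; out-of-range severities are rejected
    rather than silently scored, since a bad feed should fail loudly."""
    root = ET.fromstring(xml_text)
    out = []
    for el in root.iter("vuln"):
        sev = int(el.get("severity", "0"))
        if not 1 <= sev <= 5:
            raise ValueError(f"vuln {el.get('id')}: severity out of range: {sev}")
        resolved = el.get("resolved")
        out.append(Vuln(
            vuln_id=el.get("id"),
            site=el.get("site"),
            vuln_class=el.get("class"),
            severity=sev,
            status=el.get("status"),
            found=date.fromisoformat(el.get("found")),
            resolved=date.fromisoformat(resolved) if resolved else None,
        ))
    return out


def risk_score(v: Vuln, site_value: dict[str, int]) -> int:
    """Business value (1-5) times severity (1-5), giving 1..25. A site missing
    from the value table gets the most conservative value (assumed policy)
    so an unlabeled site is never quietly ranked last."""
    return site_value.get(v.site, 5) * v.severity


def prioritize(vulns: list[Vuln], site_value: dict[str, int]) -> list[Vuln]:
    """Open findings only, highest score first; ties broken by oldest
    discovery date so long-lived exposures surface."""
    open_vulns = [v for v in vulns if v.status == "open"]
    return sorted(open_vulns, key=lambda v: (-risk_score(v, site_value), v.found))


def days_to_fix(v: Vuln) -> Optional[int]:
    """Time-to-remediate for closed findings, for historical tracking."""
    if v.resolved is None:
        return None
    return (v.resolved - v.found).days


if __name__ == "__main__":
    ranked = prioritize(parse_vulns(SAMPLE_XML), SITE_VALUE)
    for v in ranked:
        print(f"{risk_score(v, SITE_VALUE):>3}  {v.vuln_id}  {v.site:<18} {v.vuln_class}")
```

Running the block lists the three open findings with the SQL injection on the high-value shop site first (score 25) and the brute-force finding on the low-value blog last (score 8); the closed information-leakage finding is excluded from the queue but still available for time-to-remediate reporting via `days_to_fix`.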
WhiteHat Sentinel is available in two primary flavors: WhiteHat Premium Edition (PE) and WhiteHat Standard Edition (SE). The key difference is the involvement of WhiteHat personnel; in SE, no custom business logic testing or "proof of concept" vulnerability examples are provided. Additionally, SE tests against only 13 of the 24 WASC vulnerability classes.
Contact WhiteHat Security for further information.
product submission by EITPlanet Staff