Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Application Security

WhiteHat Security Launches Static Application Security Testing Solution

WhiteHat Security, a Santa Clara, California based company best known for its Web application security testing solutions, today launched “Sentinel Source”, a new Static Application Security Testing (SAST) solution that helps developers and security teams with continuous concurrent code assessments.

WhiteHat Security, a Santa Clara, California based company best known for its Web application security testing solutions, today launched “Sentinel Source”, a new Static Application Security Testing (SAST) solution that helps developers and security teams with continuous concurrent code assessments.

Sentinel Source adds to WhiteHat’s existing Web security platform and helps manage the entire software development lifecycle, helping to secure application code as it’s written and improve developer skills surrounding security issues.

WhiteHat Security LogoThe company says Sentinel Source has the ability to track source code development for vulnerabilities in real-time and offers complete integration with its Dynamic Application Security Testing (DAST) product line that assesses sites in production and pre-production.

The technology behind Sentinel Source comes primarily as a result of WhiteHat’s June 2011 acquisition of Infrared Security, a company specializing in application security consultation and the development of static analysis technologies. As part of the acquisition, WhiteHat brought Infrared Security’s management on board, including Eric Sheridan who serves as Chief Scientist for the company’s Static Code Analysis Division, and Jerry Hoff who now serves as vice president of the division. Following the acquisition, over the next year, Sheridan and Hoff worked with the WhiteHat team on the integration of the SaaS-based static testing solution into the WhiteHat Sentinel product line, ultimately leading to today’s launch.

As organizations add more functionality to online applications developers are challenged in keeping applications secure. With Sentinel Source, WhiteHat says developers and security teams can test Web applications as they are developed, returning code remediation data to IT and developers to address security issues that matter most earlier in the development lifecycle, reducing risk, cost and resource-strain.

Other features and benefits that WhiteHat Sentinel Source offers include:

Continuous, Concurrent and On-Demand: Code assessments may be queried as soon as new pieces are uploaded and are also performed continuously to identify if new vulnerabilities are created as development progresses

On-Premise Scanning: Preserves integrity of intellectual property by performing all assessments without compiled source code leaving internal networks by providing an on-site appliance or virtual machine

SaaS-Based Solution: Streamlines deployment and delivers vulnerability management and reporting via the unified Sentinel dashboard

Advertisement. Scroll to continue reading.

No False-Positives: Through WhiteHat Security’s Threat Research Center, Sentinel Source assessments are verified for exploitability so developers can efficiently address real problems

“Recent events have shown Web applications are the new front-line of businesses and that developers now play a key role in not only growing the business, but protecting it as well,” said Jerry Hoff.

Sentinel Source is available immediately and includes Sentinel Baseline Edition (BE) which helps ensure applications continue to be monitored after deployment.

Written By

For more than 15 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is the Director of several leading security industry conferences around the world.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...

Application Security

PayPal is alerting roughly 35,000 individuals that their accounts have been targeted in a credential stuffing campaign.

Application Security

GitHub this week announced the revocation of three certificates used for the GitHub Desktop and Atom applications.

Application Security

A CSRF vulnerability in the source control management (SCM) service Kudu could be exploited to achieve remote code execution in multiple Azure services.

Application Security

Drupal released updates that resolve four vulnerabilities in Drupal core and three plugins.