WhiteHat Security Unveils Integration Capabilities for Web Site Risk Management

Posted on
Share on Google+Share on LinkedInShare on FacebookShare on RedditTweet about this on TwitterEmail this to someone

Santa Clara, Calif. — May 4
WhiteHat Security, a provider of Web site risk management solutions, announced its full suite of integration capabilities through the WhiteHat Sentinel API. WhiteHat Sentinel, the company's Web site vulnerability assessment and management solution, integrates with industry leading bugtracking, security information and event management (SIEM) and Web application firewall (WAF) products, allowing Web site security data to be shared across departments.

For the first time, Web site security can be integrated into an organization's operations, delivering new levels of visibility and control to security professionals.

WhiteHat's highly accurate vulnerability information combined with an open API makes WhiteHat Sentinel the only Web site risk management solution to provide reliable and precise Web site vulnerability data that can be shared and practically employed within an organization. WhiteHat Sentinel's new integration capabilities deliver crystal clear visibility to different business stakeholders, including risk management and compliance, product management and software development teams. Organizations have greater insight into their risk posture and can take corrective action, while communicating that action across the different security tools in their infrastructures.

The WhiteHat Sentinel API allows organizations to be more flexible in their dissemination of data and exert greater control by allowing different mitigation strategies and time to evaluate business risk. For example, risk management is better-equipped to meet compliance standards, and development teams have more time for remediation without diverting from key business initiatives.

As an example, WhiteHat Security integrated with Archer Technologies, a provider of enterprise governance, risk and compliance (GRC) solutions. The integration of WhiteHat Sentinel with the Archer SmartSuite Framework will enhance a customer's ability to manage enterprise risk by proactively identifying, tracking and managing the remediation of critical vulnerabilities in Web sites. Business managers will be able to analyze and report on vulnerabilities affecting their business-critical Web sites in one single view by risk and category — providing critical vulnerability data and compliance deficiencies. Users can assign ownership, track remediation efforts, proactively address issues before their systems are jeopardized, or accept the associated business risk.

“The ability to leverage software vulnerability information from WhiteHat Sentinel integrated with Archer enables DTCC to recognize the economic benefit of the completion of remediation tasks with assigned accountability,” said Jim Routh, CISO of Depository Trust & Clearing Corp.

“WhiteHat Sentinel provides excellent software vulnerability information by levels of risk that is aligned with an accountability model within Archer to manage risk and track key performance indicators to measure the health of the vulnerability management process.”

Additional implementations of the WhiteHat Sentinel API include integrations with:

Jira's bugtracking system: Gives developers easy access to the information necessary to fix problems in custom Web site code.
F5 Networks and Breach Security Web Application Firewalls (WAF): Enables real-time mitigation of Web site attacks.

“Web site security is more than a tally of the latest vulnerabilities that may threaten a company's Web sites,” said Bill Pennington, senior vice president of services at WhiteHat Security. “It's about risk management. Web site security data is no longer solely the domain of the security team. It's utilized by the compliance, product management and developer organizations within a company, as well.

“WhiteHat Sentinel's ability to integrate with a wide array of solutions such as bugtracking software, SIEMs and WAFs provides a more collaborative and comprehensive approach to protecting an organization's Web sites.”

Share on Google+Share on LinkedInShare on FacebookShare on RedditTweet about this on TwitterEmail this to someone


Posted in Archive|