About Sentinel Source

WhiteHat Sentinel Source scans your source code, identifies vulnerabilities, and provides detailed vulnerability descriptions and remediation advice in the WhiteHat Portal UI. Sentinel Source can also be integrated with your JIRA® instances to support your builds or allow JIRA® tickets to be generated automatically for the vulnerabilities you choose.

Questions

Do you want to scan code or binaries?

Sentinel Source can scan your code, or it can scan the binaries generated from the code.

Scanning Code

Scanning code directly allows Sentinel Source to take advantage of scanning technology developed for that particular programming language. When you are scanning your code, you can be confident that the code snippets and line numbers provided in the vulnerability detail information reflect your actual code accurately, making it easy to locate and resolve your vulnerabilities. However, if there is code you depend upon that is not available — for instance, third-party content — then you cannot discover potential vulnerabilities in that code, and you may want to use binary scanning.

Scanning Binaries

Scanning binaries allows you to include anything that you can provide authorization to scan, whether you can access the code itself or not. Including third-party dependencies contributes significantly to your security, but may be less helpful than scanning code for identifying issues in your own intellectual property.

Do you want to use Directed Remediation?

Enabling Directed Remediation allows you to use recommended patches (where available) to correct specific vulnerabilities, either using the WhiteHat library directly or by reading and understanding what the patch does and implementing a custom approach to suit your particular business needs. (Please see Introduction to Directed Remediation for more information on Directed Remediation.)