About Sentinel Source

WhiteHat Sentinel Source scans your source code, identifies vulnerabilities, and provides detailed vulnerability descriptions and remediation advice either in the Sentinel UI or directly in your IDE. (See IDE Plugins for more information.) Sentinel Source can also be integrated with your Jenkins or JIRA® instances to support your builds or allow JIRA® tickets to be generated automatically for the vulnerabilities you choose.

Questions

Do you want to scan code or binaries?

Sentinel Source can scan your code, or it can scan the binaries generated from the code.

Scanning Code

Scanning code directly allows Sentinel Source to take advantage of scanning technology developed for that particular programming language. When you are scanning your code, you can be confident that the code snippets and line numbers provided in the vulnerability detail information reflect your actual code accurately, making it easy to locate and resolve your vulnerabilities. However, if there is code you depend upon that is not available (for instance, third-party content), then you cannot discover potential vulnerabilities in that code, and you may want to use binary scanning.

Scanning Binaries

Scanning binaries allows you to include anything that you can provide authorization to scan, whether you can access the code itself or not. Including third-party dependencies contributes significantly to your security, but binary scanning may be less helpful than code scanning for identifying issues in your own intellectual property.

Do you want to use Directed Remediation?

Enabling Directed Remediation allows you to use recommended patches (where available) to correct specific vulnerabilities, either by using the WhiteHat library directly or by reading and understanding what the patch does and implementing a custom approach to suit your particular business needs. (Please see Introduction to Directed Remediation for more information on Directed Remediation.)

Do you want to enable your developers to get Sentinel vulnerability information directly in your IDE?

If you use Eclipse, IntelliJ, Visual Studio, or Xcode for your development environment, you can install a Sentinel Plugin that will provide vulnerability information to your developers directly in that IDE. Using the plugin, the developers can review the vulnerabilities, see definitions and recommendations for the vulnerability classes, and ask questions of the Threat Research Center engineers directly from the IDE.