About Sentinel

If you prefer to view/print this section in PDF format, click: WhiteHat Service Definition. This particular page is excluded, as it is discussed in greater detail in the Service Definition pages.

WhiteHat Sentinel is a Software-as-a-Service (SaaS) platform that provides application security across the entire software development lifecycle (SDLC). Using advanced scanning technology, Threat Research Center engineers accurately identify your vulnerabilities and provide the information that you need to understand, prioritize, and mitigate or remediate your vulnerabilities.

Projects in development can be analyzed with Sentinel Source even before the code is compiled. You provide Sentinel Source with the repository information needed and Sentinel Source will scan your source code or your binaries. Sentinel Source then provides you with detailed vulnerability information, including the implicated code snippets, an explanation of the problem, and recommendations for remediation. You can also enable 'Directed Remediation' and receive specific code designed to fix your vulnerability.

Projects in pre-production or production can also have their code analyzed with Sentinel Source. Additionally, once a project is in pre-production or production, you can use the highly scalable Software-as-a-Service platform Sentinel Dynamic for Dynamic Application Security Testing (DAST) to accurately identify vulnerabilities in your sites and web applications. Sentinel Dynamic provides:

  • Continuous, concurrent assessments

  • Verified, actionable results

  • Unlimited access to security experts

  • Reporting and intelligence metrics to support business risk management

You provide Sentinel Dynamic with the URL(s) for the site and web applications, the appropriate credential(s), and a schedule of permitted scanning periods. In return, Sentinel Dynamic will provide you with detailed vulnerability information, including an explanation of the vulnerability / vulnerability class and recommendations for remediation. There are several service levels in Sentinel Dynamic, which are appropriate for different types of sites/applications and/or purposes.

With both Sentinel Source and Sentinel Dynamic, you will have direct access to Threat Research Engineers to respond to any questions about the vulnerability, the associated risks, and how it can be remediated.