Adding or Editing Credentials

Credentials are necessary for Sentinel to have the ability to scan sites that require users to log in for access. WhiteHat Security recommends that at least two sets of credentials be entered for each such site, with the second set being used should the first set fail. These should not be the credentials of any existing user.

To enter or edit credentials, go to the Site Details page from the Assets tab and select the Scan or the Services subtab. Under the Scan subtab, you can enter or edit scanning credentials; under the Services subtab you can add or edit credentials to be used in a Business Logic Assessment.

site overview to add credentials

Adding Scanning Credentials

Choose the "Scan" subtab and you will see the information for this site’s scans.

assets scan screen

If you need to add credentials, you will see an "Add" link.

add scanning credentials for site

Click on that link to see the Add Credentials popup.

add scanning credentils for site popup

You must enter a name for the credential and information for at least a primary login; we strongly recommend including a backup login as well. This information includes:

  • Username

  • Password

  • Login (Entrance) URL

  • Destination URL

  • Any notes about this set of credentials

When you have entered all information, click on "Save" to save this set of credentials.

Editing Scanning Credentials

To edit existing credentials, click the arrow next to the credentials you want to edit and you will see the "Edit" link.

edit scan credentials

Click the "Edit" link to enable editing.

edit scan credentials for site

Adding BLA Credentials

Choose the "Services" subtab and you will see the information for this site’s Business Logic Assessment(s).

add credentials link for bla

Click on "Add Credential" to add site credentials. Sentinel will accept primary and backup Business Logic credentials.

add bla credentials

You must enter a name for the credential and information for at least a primary login; we strongly recommend including a backup login as well. This information includes:

  • Username

  • Password

  • Login (Entrance) URL

  • Destination URL

  • Any notes about this set of credentials

When you have entered all information, click on "Save" to save this set of credentials.

For information about using SMS-based two-factor authentication for your assessments, please see SMS-Based Two-Factor Authentication.

Editing BLA Credentials

To edit existing credentials, click the arrow next to the credentials you want to edit and you will see the "Edit" link.

edit scan credentials

Click the "Edit" link to enable editing.