Adding or Editing Credentials

Credentials are necessary for Sentinel to have the ability to scan sites that require users to log in for access. WhiteHat Security recommends that at least two sets of credentials be entered for each such site, with the second set being used should the first set fail. These should not be the credentials of any existing user.

To add, edit, or delete credentials, go to the Site Details page from the Assets tab and select the Scan or the Services subtab. Under the Scan subtab, you can enter or edit scanning credentials; under the Services subtab you can add or edit credentials to be used in a Business Logic Assessment.

Adding Scanning Credentials

To add Scanning Credentials from the Site Details page, perform the following steps:

  1. Select the Scan subtab.

    assets scan screen

  2. Click Add Credentials.

  3. Type the Credential label in the text field provided, for your own reference.

    add credentials 1

  4. Provide Primary login information, which includes:

    • Username

    • Password

    • Login Entrance URL

    • Destination URL

  5. Add any additional Login Notes required for this set of credentials.

  6. We strongly recommend including a Backup login as well.

  7. When you have populated all information fields, click Save to save this set of credentials.

Editing Scanning Credentials

To edit existing credentials, perform the following steps:

  1. Click the down arrow next to the credentials you want to edit.

    edit scan credentials

  2. Click Edit to enable editing.

  3. Click Save to keep the changes made.

edit scan credentials for site

Adding, Editing, or Disabling Business Logic Assessment Credentials

Adding Credentials

For sites covered under the Sentinel Premium (PE) service, you can manage your BLA credentials directly in Sentinel.

  1. Click on Add Credential to add site credentials. If you are using a stand-alone BLA license for a site that is covered under the Sentinel Standard (SE) service, please contact WhiteHat Security with your credential information.

    bla add credentials

  2. To create BLA credentials, you must first type a name for the credential. This displays on the Services tab.

    bla adding credential info

  3. Provide Primary login information, which includes:

    • Username

    • Password

    • Login Entrance URL

    • Destination URL

  4. Add any additional notes required for this set of credentials.

  5. We strongly recommend including a Backup login as well.

  6. When you have populated all information fields, click Save to save this set of credentials.

For information about using SMS-based two-factor authentication for assessments, see SMS-Based Two-Factor Authentication.

Editing BLA Credentials

To edit BLA credentials, perform the following steps:

  1. Click the down arrow next to the credentials you want to edit.

    edit BLA credentials

  2. Click Edit to enable editing.

  3. Click Save to keep the changes made.

edit scan credentials for BLA

Disabling BLA Credentials

  1. To disable a given set of credentials, select that set and click on Disable Credentials.

    bla disable credentials 1

  2. Select the Confirm icon to remove the selected credential.

    bla credentials disable confirm

Disabled credentials will no longer be used for Business Logic Assessments. Please replace any credentials being disabled to ensure that your BLA can be completed appropriately.

Setting Up Email Notification for BLA Status Changes

If you would like to receive email notification for particular BLA status changes, you can set that in your Profile.