Your Sentinel Profile

If you prefer to view/print in PDF format, click: Getting Started - The Basics, which includes Logging On, Sentinel Supported Browsers, and Your Sentinel Profile.

To view your profile, click on My Profile in the upper right of your Sentinel interface.

my profile link2

The My Profile page is displayed.

my profile main1

Field No. Field Name Description

1

User Details

Here you can use Edit My Profile to edit information, such as name, title, email, etc. You can also use Update Password.

2

Public Key

Edit your Public Key encryption information

3

API Key

View, create or regenerate your web API Key information

My Profile

To edit information in your profile, click User Details > Edit My Profile.

edit profile

The My Profile editing screen is displayed.

edit profile screen View or make changes to your profile, as follows:

  1. The First name and Last name fields must be populated.

  2. Type your Title (e.g. IT Security Manager), Mobile number, and Telephone number. Then select your appropriate timezone from the Timezone drop-down menu.

  3. From the Email frequency drop-down, select one of the following:

    • Daily

    • Weekly

    • Monthly

    If you require more granular email frequency, please contact support@whitehatsec.com.
  4. Choose your email triggers and select whether or not to see hostnames in DAST-related emails, if that is available to you.

  5. Click Save.


Changing Your Password

Password guidelines are determined by your Sentinel Administrator. Your organisation may have adopted single sign-on or multi-factor authentication. If you are using single sign-on, you will not need to enter your Sentinel password; instead simply log on via your SSO. If you are not using single sign-on and you need to change your password, click User Details > Update Password.

update password

The Update Password editing window is displayed.

update password 2

  1. Type your Old password.

  2. Type your New password and repeat it in the Confirm new password field. Both entries must match to proceed.

  3. Click Save.

Password Format and Guidance

By default, Sentinel will require that your password contain at least six characters, including at least one number and at least one letter. Additonally, password restrictions may be in place, which enforces that your password adopts some or all of the following:

  • Uppercase letters

  • Lowercase letters

  • Numerals

  • Special characters

  • Excludes all/part of username

  • Excludes all/part of email

Always protect your password. If someone else obtains your password, they may gain access to your vulnerability information. WhiteHat Security Support will never ask for your password.


Public Key

If your server uses Pretty Good Privacy (PGP), you can use your public key to send secure data across potentially insecure networks. You can enter or delete your public key here. If you have questions about PGP, see your network administrator.

  1. Click Public Key to display the Public Key editing page.

    public key 3

  2. Type your key into the free text field.

  3. Click Save, or Cancel to cancel the operation.


API Key

Each user account may generate a unique 32-character Web API Key, which is used to authenticate your API requests. The Web API key is intended for use inside the applications that are accessing the API. It is not intended for accessing the API through your browser.

If You Have a Sentinel Password:

To view the API key, or to create a new one:

  1. Click API Key.

    api key 2

  2. When prompted for your Sentinel password, type your password into the text field.

  3. Click Authenticate

Your key will now be displayed. If you have never requested your API key before, a key will be generated for you.

If You Access Sentinel Using Single Sign-On (SSO)

To view the API key, or to create a new one:

  1. Click API Key.

    api key

  2. Your account requires additional authentication. Choose either Request Code by SMS or Request Code by Call. Your authentication code will be provided via the option selected.

    request sso code for api key

  3. Ensure that the confirmation banner is displayed at the top of the screen, which confirms if the code has been sent.

  4. Once the code is received, type it into the Code field.

  5. Ensure that your key is displayed in the API key field. If you have never requested your API key before, a key will be generated for you.

Protect your web key. Your key is the equivalent of a user name and password that gives access to all your vulnerability data. Treat it as carefully as any other password. WhiteHat strongly recommends that you never use your Web API Key in your browser. It is only intended for use when accessing the API programmatically. If you do use it directly in a URL, it is logged to your browser history. Therefore, if you must use your Web API Key in your browser, you are strongly encouraged to clear your browser history/cache automatically every time you log out of Sentinel. Otherwise, your key will be visible to anyone who gets physical or electronic access to your browser history.

Regenerating Your API Key

From time to time, it may be necessary to regenerate your existing API key. Repeat the steps listed above, to display your existing API key. Then click Regenerate API key. Your new API key is displayed.

api key regenerate