- Company (that provides the nominated product / solution / service): WhiteHat Security
- Website: https://www.whitehatsec.com
- Company size (employees): 300+
- Product Version Number: N/A
- Type of solution: Software
- Year this product or service was first introduced to the market: 2003
In 3 bullets, summarize why this product or service deserves recognition
• A distinctive approach: Unlike pure-play tool vendors, every vulnerability identified by WhiteHat Sentinel is manually verified for accuracy by a security expert in the TRC. Sentinel is incredibly easy to use, and requires no additional staff or software. Sentinel can scale from one to thousands of websites/applications in a production-safe manner, while providing continuous, concurrent assessments without slowing down business as usual. The security experts of our TRC act as an extension of our customers’ security teams by providing manual verification of each vulnerability to virtually eliminate false positives, saving additional costs and allowing the customers to focus their resources on running their business.
• Help quantify the risk: No other vendor is capable of identifying where your applications are vulnerable and telling you in very real financial terms the risks you are facing, and your needed security investment in remediation or even developer education. We arm security teams with the information they need to get eye-to-eye with business stakeholders. Sentinel has gathered enough data and analysis to provide numerous metrics and reports to allow an organization to determine their risk posture and compare them with their industry peers.
• The right balance: For a security solution to truly be a “solution,” it must balance the symbiotic relationship between People, Process and Technology. For WhiteHat Security, this is our Threat Research Center, Vulnerability Assessment Process and the Sentinel platform. Independently, WhiteHat Security is the biggest and best in the business at doing this. Collectively, we are the only company that has all three working in conjunction, allowing us to execute on our mission, protect our customers, and the web at large.
In less than 300 words, summarize the most important features and benefits of this product or service
WhiteHat Sentinel is a SaaS application security platform that provides customers with intelligence about their application infrastructure, helps them evaluate risk, and protects them from security breaches. The solution is a unique combination of advanced technology and human intelligence, provided by top security researchers in the Threat Research Center (TRC), who test every finding to ensure near-zero false positive and false negative rates. Sentinel’s platform is made up of Dynamic Application Security Testing, Static Application Security Testing, and Mobile Application Testing. Sentinel is fully integrated into the software development lifecycle process, protecting our customers’ entire applications infrastructure from inception to production.
WhiteHat Sentinel protects tens of thousands of applications for over 800 customers. The top industries represented by our customer base: 175+ in software and technology, 145+ in financial services, close to a hundred each in healthcare, retail, and entertainment. These numbers continue to grow as the current application security CAGR is estimated between 10-24% for the next five years.
With server-side data breaches in the news daily, a comprehensive application security program is required as part of a holistic approach to security. WhiteHat strengthens customers’ business by enabling them to protect their confidential data, accelerate their testing cycle, and reduce risk. Sentinel’s risk-based approach to application security offers peer benchmarking, allowing organizations to view their own security posture in comparison with other customers in their industry.
The new security ecosystem requires that DevOps participate along with IT Security and Risk Management – Sentinel helps this alignment by providing both executive and business-view vulnerability management reports, and then development-level patching reports down to the code line level along with definitions, examples, remediation advice, and the ability to ask questions of our TRC. From development teams to executives, Sentinel provides the much-needed AppSec vulnerability management piece of the whole-ecosystem puzzle.