Mobile
12/12/2012
03:22 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

WhiteHat Security Brings New Standards To Mobile Application Security

Announces immediate availability of WhiteHat Sentinel Mobile

SANTA CLARA, Calif. – December 11, 2012 – WhiteHat Security, the Web security company, announced the immediate availability of WhiteHat Sentinel Mobile, a new mobile application assessment solution enabling businesses to test mobile applications wherever they reside: on the device or on a server. With this announcement, WhiteHat extends its support for mobile applications with new security offerings aimed at streamlining mobile security strategies for the enterprise and independent application developers.

"Mobile is clearly accelerating businesses' application development practices as it replaces the 'traditional' Web, but mobile security until now has not kept the needed pace to mitigate the added risk," said Stephanie Fohn, CEO of WhiteHat Security. "With Sentinel Mobile, we are offering businesses an advanced, platform-agnostic solution to efficiently evaluate all facets of in-house or third-party mobile applications, regardless of device or OS. Sentinel Mobile reflects our mission to offer the most rapid and effective solutions for securing the entire ecosystem of business applications and critical data."

The introduction of Sentinel Mobile extends WhiteHat's charter, namely to provide highly accurate and actionable application vulnerability information across today's increasingly rapid software development lifecycle (SDLC), to also encompass the growing mobile application market. As hundreds of the largest enterprises in the world, including two of the top three mobile phone manufacturers, already leverage WhiteHat Sentinel to assess, verify and report code-level flaws in their non-mobile applications – from development to production – the company anticipates strong traction for its new mobile offering.

"Mobile application security has seen too much confusion and fragmentation and not enough focus on where the heart of security problems truly lie," said Jerry Hoff, vice president, source code analysis division, WhiteHat Security. "The majority of mobile application problems live on the server-side and go unnoticed or untreated, creating even more attack surfaces to exploit. WhiteHat is elevating the mobile application security experience to address this using its leading Sentinel technology to test applications as they live on the phone or tablet, as well as the server-side components to mitigate businesses' risk."

The new Sentinel Mobile service enables businesses to:

Quickly assess scan all iOS, Android or other mobile apps in their environment

Evaluate device- and server-side code, both static and dynamic, and correlate the results

View mobile, native and Web application security postures relative to their business through a unified dashboard

Identify application-specific vulnerability trends to improve developer practices

Streamline application development and launch predictability by identifying problems earlier in the development lifecycle

Sentinel Mobile is available today as a stand-alone offering or as an addition to existing WhiteHat Sentinel deployments. As part of the Sentinel family of products, Sentinel Mobile utilizes the company's unique Threat Research Center to ensure all security data is fully accurate and actionable for businesses. For more information about today's announcement please visit the Sentinel Mobile website and the WhiteHat Security blog.

About WhiteHat Security

Founded in 2001 and headquartered in Santa Clara, California, WhiteHat Security provides end-to-end solutions for Web security. The company's cloud technology platform and leading security engineers turn verified security intelligence into actionable insights for customers. Through a combination of core products and strategic partnerships, WhiteHat Security provides complete Web security at a scale unmatched in the industry. WhiteHat Sentinel, the company's flagship product line, currently manages thousands of websites – including sites in the most regulated industries such as e-commerce, financial services and healthcare.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Security Operations and IT Operations: Finding the Path to Collaboration
A wide gulf has emerged between SOC and NOC teams that's keeping both of them from assuring the confidentiality, integrity, and availability of IT systems. Here's how experts think it should be bridged.
Flash Poll
New Best Practices for Secure App Development
New Best Practices for Secure App Development
The transition from DevOps to SecDevOps is combining with the move toward cloud computing to create new challenges - and new opportunities - for the information security team. Download this report, to learn about the new best practices for secure application development.
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-0290
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

CVE-2016-10369
Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

CVE-2016-8202
Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

CVE-2016-8209
Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

CVE-2017-0890
Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.

Dark Reading Radio
Archived Dark Reading Radio
In past years, security researchers have discovered ways to hack cars, medical devices, automated teller machines, and many other targets. Dark Reading Executive Editor Kelly Jackson Higgins hosts researcher Samy Kamkar and Levi Gundert, vice president of threat intelligence at Recorded Future, to discuss some of 2016's most unusual and creative hacks by white hats, and what these new vulnerabilities might mean for the coming year.