WhiteHat Security Debuts Expanded Website Vulnerability Management

New features include user and role management options
SANTA CLARA, Calif., June 23 /PRNewswire/ -- WhiteHat Security, the leading provider of website risk management solutions, today announced updates to WhiteHat Sentinel, its software-as-a-service (SaaS) website vulnerability management offering, including new User and Role Management options, additional enterprise reports and a unique Site Security Statement for customers and cloud computing service providers.

Today's enterprises must be vigilant about website security to stay ahead of hackers who troll their sites for vulnerabilities. From overall risk management strategies to defining access based on employee role, the level of granularity required to keep websites secure has never been greater. Enhancements to WhiteHat Sentinel take website security a step further by offering additional protection of data within the organization.

Sentinel's new User and Role Management features provide organizations with greater control of their data by allowing them to compartmentalize data access based on roles and quickly add and delete users. New enterprise reporting functionality provides management with a clear and timely view of everything from specific site vulnerabilities to the state of their overall risk profile. Furthermore, security teams and developers can now drill down to get accurate details of the vulnerabilities, allowing them to immediately make decisions and mitigate risk. WhiteHat Security's channel partners, who are often trusted to manage customers' WhiteHat Sentinel implementations, will also benefit from the new functionality and reports by having clearer visibility into the individual customer website security programs they manage.

User and Role Management System

The Sentinel User and Role Management system allows Sentinel Administrators the ability to manage users and adjust information and Sentinel functionality access depending on their positions. The new Site Grouping feature enables additional control and manageability by allowing websites under Sentinel management to be organized by business unit or geographical location.

Organizations may choose from four user roles, enabling them to control access to different levels of information:

o Administrator - Provides access to all functionality, including User and Role Management o Security Operator - Offers ability to configure, start and schedule scans; generate reports and view vulnerability data from summary to detail o Developer - Enables the opportunity to view all vulnerability data and retest capability o Executive - Allows for access to summary data only

New Reports for Compliance, Remediation and Customer Assurance

WhiteHat Sentinel's new reporting system offers more granular reports geared to specific audiences. The improved reports include:

o PCI Compliance Report - Measures whether or not a company's website is compliant with the Payment Card Industry's Data Security Standard (PCI-DSS) o Attack Vector Details Report - Delivers a list of five specific details and instances of website vulnerabilities, including location, to simplify mitigation for security teams and developers o Vulnerability Details Report - Offers security and development teams a detailed listing of vulnerabilities found on an organization's website o Executive Summary Report - Provides management an overview of their security risk profile o Site Summary Report - Gives management a comprehensive view of specific security risk exposure and vulnerabilities for each individual site

In addition, the new Site Security Statement, specifically requested by customers, summarizes the open website vulnerabilities in each risk level and provides a checklist of classes of vulnerabilities included in the level of service. Customers can even provide their own clients a copy of the report, proving they have tested their websites and they are secure. As cloud computing becomes more prevalent, service providers are being asked to provide proof of their own security practices. The Site Security Statement provides accurate, up-to-date third-party website security information in a customer or auditor-ready format.

"Understanding that all organizations are different, we've worked with our customers to find out their unique needs for distributing website vulnerability data in their environments," said Bill Pennington, chief strategy officer, WhiteHat Security. "Our new User and Role Management functionality and improved reporting gives Sentinel users more visibility and control, and essentially helps companies more efficiently and effectively address website risks to protect mission-critical business data."

WhiteHat Sentinel is a website security SaaS platform that protects critical data, ensures compliance and narrows the window of risk. Sentinel is the only website risk management solution that combines proprietary automated scanning technology with custom testing by a team of leading website security professionals. WhiteHat Sentinel provides companies with the visibility, flexibility and control necessary to address website security needs and prevent Web attacks.

WhiteHat Sentinel is currently available in three service levels, Standard Edition (SE), Premium Edition (PE) and Baseline Edition (BE) for an annual subscription fee. More information on the WhiteHat Sentinel family of website security solutions can be found at

About WhiteHat Security

Headquartered in Santa Clara, California, WhiteHat Security is the leading provider of website risk management solutions that protect critical data, ensure compliance and narrow the window of risk. WhiteHat Sentinel, the company's flagship product family, is the most accurate, complete and cost-effective website vulnerability management solution available. It delivers the flexibility, simplicity and manageability that organizations need to take control of website security and prevent Web attacks. Furthermore, WhiteHat Sentinel enables automated mitigation of website vulnerabilities via integration with Web application firewalls and Snort-based intrusion prevention systems. To learn more about WhiteHat Security, please visit our website at