Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Attacks/Breaches

10/7/2009
07:09 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

WhiteHat Security Integrates With Snort

WhiteHat Sentinel customers can use Sentinel vulnerability data to create ultra-targeted Snort rules, expanding the capability of an IPS to detect application layer attacks

SANTA CLARA, Calif., Oct. 6 /PRNewswire/ -- WhiteHat Security, the leading provider of website risk management solutions, today announced a first-of-its-kind integration with Snort, the leader in open source intrusion prevention systems (IPS). Now, WhiteHat Sentinel customers can use Sentinel vulnerability data to create ultra-targeted Snort rules, expanding the capability of an IPS to reliably detect application layer attacks. This new level of intelligence enables security professionals to increase their visibility into verified real-time threats. With Snort deployed at 80 percent of Fortune 100 companies and 42 percent of the Global 500, this advancement will have a significant impact on enterprise website security.

WhiteHat Sentinel is the first website vulnerability management solution to integrate verified website vulnerability data with Snort, thereby extending IPS from the network space to include websites, the foremost target for the enterprising hacker. As a result, users can fine-tune Snort alerts and correlate findings to reduce noise and allow security teams to focus on real issues. Prior to the WhiteHat Sentinel/Snort integration, security professionals were forced to sift through reams of Web server logs to retrieve the same information now seamlessly generated and validated by Sentinel. Now false positives are eliminated, so security teams can be confident that an alert signifies a real problem.

"We are excited by the enhancement of Snort rules with WhiteHat Sentinel's targeted website vulnerability data," said Marty Roesch, founder and chief technology officer, Sourcefire and creator of Snort. "Verified and accurate vulnerability information from the running Web application makes it easy to generate a list of Snort rules in IPS mode in order to stop attackers from taking advantage of these vulnerabilities, while simultaneously fixing the problems."

The WhiteHat Sentinel product family is composed of Software-as-a-Service (SaaS) website security solutions that deliver the visibility, flexibility and manageability organizations need to take control of website security and prevent Web attacks. WhiteHat Sentinel was built from the ground up to assess the largest and most complex websites in the world on an ongoing basis. Today, WhiteHat executes rigorous and ongoing security testing on thousands of the world's leading websites, including many Fortune 500 companies. In addition to Snort, the WhiteHat Sentinel open XML API enables data exchange with Web application firewalls (WAF), bug tracking systems and security information and event management systems (SIEM) to provide complete website risk management.

WhiteHat Security worked with its Premium Integration Partner, the Denim Group, a San Antonio, Texas-based consultancy, to develop the integration technology based on the WhiteHat Sentinel open XML application programming interface (API). The WhiteHat open XML API is easy to configure, allowing companies to quickly begin generating Snort rules for specific vulnerabilities.

"WhiteHat Sentinel delivers the most complete and accurate vulnerability information available, which is the foundation of a comprehensive website risk management program," said Kevin Overcash, vice president of product management, WhiteHat Security. "Our Snort integration enables security teams to monitor more effectively, fix problems, and precisely prioritize risk in their environment."

The WhiteHat Sentinel API for Snort is available immediately, free of charge, to all Sentinel customers. To learn more about WhiteHat Sentinel and the Snort integration, please visit www.whitehatsec.com, contact the WhiteHat sales office at (408) 343-8300, or email [email protected]

Snort is a registered trademark of Sourcefire, Inc.

About Snort

Snort' is an open source network intrusion prevention and detection system (IDS/IPS) developed by Sourcefire. Combining the benefits of signature, protocol and anomaly-based inspection, Snort is the most widely deployed IDS/IPS technology worldwide. With millions of downloads and over 250,000 registered users, Snort has become the de facto standard for IPS.

About WhiteHat Security, Inc.

Headquartered in Santa Clara, California, WhiteHat Security is the leading provider of website risk management solutions that protect critical data, ensure compliance and narrow the window of risk. WhiteHat Sentinel, the company's flagship product family, is the most accurate, complete and cost-effective website vulnerability management solution available. It delivers the visibility, flexibility and manageability that organizations need to take control of website security and prevent Web attacks. Furthermore, WhiteHat Sentinel enables automated mitigation of website vulnerabilities via integration with Web application firewalls. To learn more about WhiteHat Security, please visit our website at www.whitehatsec.com.

Contact:

Dawn van Hoegaerden Rachel Miller

WhiteHat Security SHIFT Communications

919-929-8525 617-779-1856

[email protected] [email protected]

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
News
Former CISA Director Chris Krebs Discusses Risk Management & Threat Intel
Kelly Sheridan, Staff Editor, Dark Reading,  2/23/2021
Edge-DRsplash-10-edge-articles
Security + Fraud Protection: Your One-Two Punch Against Cyberattacks
Joshua Goldfarb, Director of Product Management at F5,  2/23/2021
News
Cybercrime Groups More Prolific, Focus on Healthcare in 2020
Robert Lemos, Contributing Writer,  2/22/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: "The truth behind Stonehenge...."
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Building the SOC of the Future
Building the SOC of the Future
Digital transformation, cloud-focused attacks, and a worldwide pandemic. The past year has changed the way business works and the way security teams operate. There is no going back.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-27886
PUBLISHED: 2021-03-02
rakibtg Docker Dashboard before 2021-02-28 allows command injection in backend/utilities/terminal.js via shell metacharacters in the command parameter of an API request. NOTE: this is NOT a Docker, Inc. product.
CVE-2016-8153
PUBLISHED: 2021-03-02
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none.
CVE-2016-8154
PUBLISHED: 2021-03-02
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none.
CVE-2016-8155
PUBLISHED: 2021-03-02
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none.
CVE-2016-8156
PUBLISHED: 2021-03-02
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none.