Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Attacks/Breaches

10/7/2009
07:09 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

WhiteHat Security Integrates With Snort

WhiteHat Sentinel customers can use Sentinel vulnerability data to create ultra-targeted Snort rules, expanding the capability of an IPS to detect application layer attacks

SANTA CLARA, Calif., Oct. 6 /PRNewswire/ -- WhiteHat Security, the leading provider of website risk management solutions, today announced a first-of-its-kind integration with Snort, the leader in open source intrusion prevention systems (IPS). Now, WhiteHat Sentinel customers can use Sentinel vulnerability data to create ultra-targeted Snort rules, expanding the capability of an IPS to reliably detect application layer attacks. This new level of intelligence enables security professionals to increase their visibility into verified real-time threats. With Snort deployed at 80 percent of Fortune 100 companies and 42 percent of the Global 500, this advancement will have a significant impact on enterprise website security.

WhiteHat Sentinel is the first website vulnerability management solution to integrate verified website vulnerability data with Snort, thereby extending IPS from the network space to include websites, the foremost target for the enterprising hacker. As a result, users can fine-tune Snort alerts and correlate findings to reduce noise and allow security teams to focus on real issues. Prior to the WhiteHat Sentinel/Snort integration, security professionals were forced to sift through reams of Web server logs to retrieve the same information now seamlessly generated and validated by Sentinel. Now false positives are eliminated, so security teams can be confident that an alert signifies a real problem.

"We are excited by the enhancement of Snort rules with WhiteHat Sentinel's targeted website vulnerability data," said Marty Roesch, founder and chief technology officer, Sourcefire and creator of Snort. "Verified and accurate vulnerability information from the running Web application makes it easy to generate a list of Snort rules in IPS mode in order to stop attackers from taking advantage of these vulnerabilities, while simultaneously fixing the problems."

The WhiteHat Sentinel product family is composed of Software-as-a-Service (SaaS) website security solutions that deliver the visibility, flexibility and manageability organizations need to take control of website security and prevent Web attacks. WhiteHat Sentinel was built from the ground up to assess the largest and most complex websites in the world on an ongoing basis. Today, WhiteHat executes rigorous and ongoing security testing on thousands of the world's leading websites, including many Fortune 500 companies. In addition to Snort, the WhiteHat Sentinel open XML API enables data exchange with Web application firewalls (WAF), bug tracking systems and security information and event management systems (SIEM) to provide complete website risk management.

WhiteHat Security worked with its Premium Integration Partner, the Denim Group, a San Antonio, Texas-based consultancy, to develop the integration technology based on the WhiteHat Sentinel open XML application programming interface (API). The WhiteHat open XML API is easy to configure, allowing companies to quickly begin generating Snort rules for specific vulnerabilities.

"WhiteHat Sentinel delivers the most complete and accurate vulnerability information available, which is the foundation of a comprehensive website risk management program," said Kevin Overcash, vice president of product management, WhiteHat Security. "Our Snort integration enables security teams to monitor more effectively, fix problems, and precisely prioritize risk in their environment."

The WhiteHat Sentinel API for Snort is available immediately, free of charge, to all Sentinel customers. To learn more about WhiteHat Sentinel and the Snort integration, please visit www.whitehatsec.com, contact the WhiteHat sales office at (408) 343-8300, or email [email protected]

Snort is a registered trademark of Sourcefire, Inc.

About Snort

Snort' is an open source network intrusion prevention and detection system (IDS/IPS) developed by Sourcefire. Combining the benefits of signature, protocol and anomaly-based inspection, Snort is the most widely deployed IDS/IPS technology worldwide. With millions of downloads and over 250,000 registered users, Snort has become the de facto standard for IPS.

About WhiteHat Security, Inc.

Headquartered in Santa Clara, California, WhiteHat Security is the leading provider of website risk management solutions that protect critical data, ensure compliance and narrow the window of risk. WhiteHat Sentinel, the company's flagship product family, is the most accurate, complete and cost-effective website vulnerability management solution available. It delivers the visibility, flexibility and manageability that organizations need to take control of website security and prevent Web attacks. Furthermore, WhiteHat Sentinel enables automated mitigation of website vulnerabilities via integration with Web application firewalls. To learn more about WhiteHat Security, please visit our website at www.whitehatsec.com.

Contact:

Dawn van Hoegaerden Rachel Miller

WhiteHat Security SHIFT Communications

919-929-8525 617-779-1856

[email protected] [email protected]

Comment  | 
Print  | 
More Insights
Comments
Threaded  |  Newest First  |  Oldest First
News
Inside the Ransomware Campaigns Targeting Exchange Servers
Kelly Sheridan, Staff Editor, Dark Reading,  4/2/2021
Commentary
Beyond MITRE ATT&CK: The Case for a New Cyber Kill Chain
Rik Turner, Principal Analyst, Infrastructure Solutions, Omdia,  3/30/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-30481
PUBLISHED: 2021-04-10
Valve Steam through 2021-04-10, when a Source engine game is installed, allows remote authenticated users to execute arbitrary code because of a buffer overflow that occurs for a Steam invite after one click.
CVE-2021-20020
PUBLISHED: 2021-04-10
A command execution vulnerability in SonicWall GMS 9.3 allows a remote unauthenticated attacker to locally escalate privilege to root.
CVE-2021-30480
PUBLISHED: 2021-04-09
Zoom Chat through 2021-04-09 on Windows and macOS allows certain remote authenticated attackers to execute arbitrary code without user interaction. An attacker must be within the same organization, or an external party who has been accepted as a contact. NOTE: this is specific to the Zoom Chat softw...
CVE-2021-21194
PUBLISHED: 2021-04-09
Use after free in screen sharing in Google Chrome prior to 89.0.4389.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-21195
PUBLISHED: 2021-04-09
Use after free in V8 in Google Chrome prior to 89.0.4389.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.