WhiteHat Security Introduces Threat Research Center

TRC operates as an extension of an organization's information security team

October 19, 2010

4 Min Read


SANTA CLARA, Calif., Oct. 19/PRNewswire/ --WhiteHat Security, the leading provider of website risk management solutions, today unveiled its Threat Research Center (TRC), a team of website security experts who act as a critical and integral component of the WhiteHat Sentinel website vulnerability management service. The TRC operates as an extension of an organization's information security team, enabling enterprises to focus on website vulnerability remediation and overall risk posture, as well as technology and business goals.

WhiteHat's TRC is comprised of the industry's top website security engineers, who have assessed more than 2,700 of the world's largest websites. The TRC ensures that any website risk management program is effective and efficient by providing ongoing vulnerability detection and verification that cannot be accomplished by scanners alone. In addition, combined with WhiteHat Sentinel, the TRC provides enterprises with continuous and current website security that consultants cannot feasibly provide on their own. Ultimately, companies are empowered to create an actionable website risk management strategy with the assurance that they have quality, accurate and pertinent website security data at their fingertips.

All vulnerabilities reported by the WhiteHat Sentinel service are found using state of the art vulnerability tests and are verified by the expert security engineers of the TRC. The WhiteHat Sentinel vulnerability database combines knowledge of more than 26 million vulnerability patterns with proprietary algorithms to distinguish which vulnerabilities detected are real and exploitable. This one-of-a-kind solution virtually eliminates false positives, a bane for website security professionals.

Specifically, the WhiteHat TRC delivers:

-- Active monitoring and performance tuning of the Sentinel scanner. -- Fully customized assessments to provide thorough, production-safe code coverage on all websites. -- The ability to remove virtually all false positives and duplicates, and prioritize all vulnerabilities. All issues identified by Sentinel are real, exploitable and actionable, engendering business owner and application developer confidence in the website security program. -- Daily monitoring to ensure optimal and uninterrupted coverage of new vulnerabilities and attack vectors. -- An assurance that all production websites, by far the most frequent and critical attack target, are safe. -- Access to the industry's most expansive and comprehensive vulnerability knowledge base. The TRC performs ongoing, cutting edge research to ensure all information is up-to-date. As new attacks are discovered, the TRC creates, refines and implements new tests to be deployed immediately across all Sentinel security scans, providing the most accurate data about a website's vulnerability posture. -- Custom business logic tests that analyze design flaws and validate account privileges across roles and between users. These customized tests verify whether applications allow unexpected business behaviors. TRC analysis of these critical design-flaw security vulnerabilities also includes custom description and remediation guidance in the context of the business.

"The level of expertise that makes up the TRC is truly remarkable. Automated scanners or consultants cannot come close to replicating the kind of research, effort and value they bring to the table," said Bill Pennington, chief strategy officer, WhiteHat Security. "Combined, the TRC has more than 50 years in training and specific experience in website security attack techniques. They also have first-hand experience with leading software development frameworks, design patterns, and implementation practices, as they relate to security. At the end of the day, the WhiteHat Security Threat Research Center lets customers sleep a little better at night knowing they have the best website risk management program possible."

For additional details about the features and benefits offered by the WhiteHat Security Threat Research Center, please visithttp://www.whitehatsec.com/home/services/threat_research.html.

WhiteHat Sentinel is a SaaS-based website vulnerability management platform that protects critical data, ensures compliance and narrows the window of risk. Sentinel is the only website risk management solution that combines proprietary automated scanning technology with custom testing by a team of website security engineers. WhiteHat Sentinel provides companies with the visibility, flexibility and control necessary to address website security needs and prevent Web attacks.

About WhiteHat Security

Headquartered in Santa Clara, California, WhiteHat Security is the leading provider of website risk management solutions that protect critical data, ensure compliance and narrow the window of risk. WhiteHat Sentinel, the company's website vulnerability management platform, is the most accurate, complete and cost-effective solution to measure enterprise website security posture. It delivers the flexibility; simplicity and manageability that organizations need to take control of website security and prevent Web attacks. Furthermore, WhiteHat Sentinel enables automated mitigation of website vulnerabilities via integration with Web application firewalls and Snort-based intrusion prevention systems. To learn more about WhiteHat Security, please visit our website at www.whitehatsec.com.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights