WhiteHat Security Integrates With Snort

WhiteHat Sentinel customers can use Sentinel vulnerability data to create ultra-targeted Snort rules, expanding the capability of an IPS to detect application layer attacks

October 8, 2009

4 Min Read


SANTA CLARA, Calif., Oct. 6 /PRNewswire/ -- WhiteHat Security, the leading provider of website risk management solutions, today announced a first-of-its-kind integration with Snort, the leader in open source intrusion prevention systems (IPS). Now, WhiteHat Sentinel customers can use Sentinel vulnerability data to create ultra-targeted Snort rules, expanding the capability of an IPS to reliably detect application layer attacks. This new level of intelligence enables security professionals to increase their visibility into verified real-time threats. With Snort deployed at 80 percent of Fortune 100 companies and 42 percent of the Global 500, this advancement will have a significant impact on enterprise website security.

WhiteHat Sentinel is the first website vulnerability management solution to integrate verified website vulnerability data with Snort, thereby extending IPS from the network space to include websites, the foremost target for the enterprising hacker. As a result, users can fine-tune Snort alerts and correlate findings to reduce noise and allow security teams to focus on real issues. Prior to the WhiteHat Sentinel/Snort integration, security professionals were forced to sift through reams of Web server logs to retrieve the same information now seamlessly generated and validated by Sentinel. Now false positives are eliminated, so security teams can be confident that an alert signifies a real problem.

"We are excited by the enhancement of Snort rules with WhiteHat Sentinel's targeted website vulnerability data," said Marty Roesch, founder and chief technology officer, Sourcefire and creator of Snort. "Verified and accurate vulnerability information from the running Web application makes it easy to generate a list of Snort rules in IPS mode in order to stop attackers from taking advantage of these vulnerabilities, while simultaneously fixing the problems."

The WhiteHat Sentinel product family is composed of Software-as-a-Service (SaaS) website security solutions that deliver the visibility, flexibility and manageability organizations need to take control of website security and prevent Web attacks. WhiteHat Sentinel was built from the ground up to assess the largest and most complex websites in the world on an ongoing basis. Today, WhiteHat executes rigorous and ongoing security testing on thousands of the world's leading websites, including many Fortune 500 companies. In addition to Snort, the WhiteHat Sentinel open XML API enables data exchange with Web application firewalls (WAF), bug tracking systems and security information and event management systems (SIEM) to provide complete website risk management.

WhiteHat Security worked with its Premium Integration Partner, the Denim Group, a San Antonio, Texas-based consultancy, to develop the integration technology based on the WhiteHat Sentinel open XML application programming interface (API). The WhiteHat open XML API is easy to configure, allowing companies to quickly begin generating Snort rules for specific vulnerabilities.

"WhiteHat Sentinel delivers the most complete and accurate vulnerability information available, which is the foundation of a comprehensive website risk management program," said Kevin Overcash, vice president of product management, WhiteHat Security. "Our Snort integration enables security teams to monitor more effectively, fix problems, and precisely prioritize risk in their environment."

The WhiteHat Sentinel API for Snort is available immediately, free of charge, to all Sentinel customers. To learn more about WhiteHat Sentinel and the Snort integration, please visit www.whitehatsec.com, contact the WhiteHat sales office at (408) 343-8300, or email [email protected].

Snort is a registered trademark of Sourcefire, Inc.

About Snort

Snort' is an open source network intrusion prevention and detection system (IDS/IPS) developed by Sourcefire. Combining the benefits of signature, protocol and anomaly-based inspection, Snort is the most widely deployed IDS/IPS technology worldwide. With millions of downloads and over 250,000 registered users, Snort has become the de facto standard for IPS.

About WhiteHat Security, Inc.

Headquartered in Santa Clara, California, WhiteHat Security is the leading provider of website risk management solutions that protect critical data, ensure compliance and narrow the window of risk. WhiteHat Sentinel, the company's flagship product family, is the most accurate, complete and cost-effective website vulnerability management solution available. It delivers the visibility, flexibility and manageability that organizations need to take control of website security and prevent Web attacks. Furthermore, WhiteHat Sentinel enables automated mitigation of website vulnerabilities via integration with Web application firewalls. To learn more about WhiteHat Security, please visit our website at www.whitehatsec.com.


Dawn van Hoegaerden Rachel Miller

WhiteHat Security SHIFT Communications

919-929-8525 617-779-1856

[email protected] [email protected]

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights