Static Application Security Testing (SAST)
The role of today’s software developer has become multifaceted, with increased responsibilities to do more in less time, all while keeping applications secure. In this environment, speed of development and security can end up in conflict – often with security being overlooked.
Sentinel Source, a part of our Application Security Platform, is our static application security testing (SAST) product. It is used for scanning source code of the most commonly-used programming languages, identifying vulnerabilities, and providing actionable vulnerability reports, as well as offering Software Composition Analysis and ready-to-implement code fixes for certain vulnerabilities. Scanning of binary files for certain languages is also available.
Sentinel Source offers unmatched accuracy needed for secure DevOps implementations, powered by our Attack Vector Intelligence (AVI) technology. The AVI technology is a combination of our patented correlation-based machine intelligence plus our Threat Research Center’s 16 years of data on application vulnerabilities and more than 100,000,000 verified attack vectors.
How you Benefit?
Well suited for agile development
Includes integrations to key developer tools and support for CI/CD processes; enables remediation of critical vulnerabilities earlier in the SDLC to reduce application risk and exposure.
Intellectual property stays onsite
Test your source code within your own environment, so there is no need to upload source code or binaries to a new location. (Cloud options are also available).
IDE integration and direct access to TRC improves productivity
Developers can view individual vulnerability descriptions and remediation advice, see corresponding source code, track and fix vulnerabilities and ask a question to TRC security experts, all from within their IDE.
Saves time and accelerates app development/deployment
Delivers actionable results containing pre-verified vulnerabilities that are rated and ranked based on threat severity, along with custom remediation advice.
Download the data sheet
Adobe Acrobat Reader required
Dynamic Application Security Testing (DAST)
Software Applications are at the core of every business. Today’s organizations deploy a myriad of web applications, ranging from external-facing corporate websites to internal-facing portals.
Sentinel Dynamic, a part of our Application Security Platform, is our dynamic application security testing (DAST) product. Sentinel Dynamic offers unmatched accuracy needed for secure DevOps implementations, powered by our Attack Vector IntelligenceTM (AVI) technology.
No matter how many websites or applications our customers need to secure and regardless of how often they are updated, Sentinel Dynamic can scale to meet any demand.
How you Benefit?
Continuous, concurrent assessments
Sentinel Dynamic continuously scans your websites as they evolve, providing automatic detection and assessment of code changes and alerting for newly discovered vulnerabilities.
Verified, actionable results
Our Threat Research Center validates every vulnerability, virtually eliminating false positives, so you can focus on remediation and improving your overall security posture.
Unlimited access to security experts
With unlimited access, our Threat Research Center team acts as an extension of your security team, answering questions about vulnerabilities and providing remediation guidance.
Reporting and intelligence metrics
Trending analysis tracks data in real time, and the WhiteHat Security Index provides at-a-glance visibility into the security of all of your websites.