WhiteHat Security released its new ‘Essentials’ product line, with the launch of two solutions: Sentinel Source Essentials Edition and Sentinel SCA Essentials Edition. The streamlined ‘Essentials’ products have been created to help organizations meet the needs of the DevOps build/test phase by offering security testing with code coverage. The ‘Essentials’ solutions cut down scan times, helping developers get the vulnerability assessment results they need faster.
The ‘Essentials’ product line currently includes:
1) Sentinel SCA Essentials Edition, a software composition analysis (SCA) service that identifies third-party and open source components used in an organization’s applications, delivering what is known as the software Bill of Materials. For each of these components, Sentinel SCA Essentials Edition identifies any open security common vulnerabilities and exposures (CVEs), licenses, and out-of-date library versions.
2) Sentinel Source Essentials Edition, provides static application security testing (SAST). These findings are accurate due to the use of WhiteHat’s Attack Vector Intelligence (AVI) technology. Discovered vulnerabilities are prioritized according to their severity, thus providing guidance on what should be remediated first.
The new ‘Essentials’ product line will complement WhiteHat’s existing Sentinel Source Standard Edition solution, which includes findings and access to WhiteHat Threat Research Center engineers.
According to WhiteHat’s 2018 Application Security Statistics Report, up to 70 percent of every application is comprised of reusable software components (e.g. third-party libraries, open source software (OSS), etc.). That translates to applications also “inheriting” the vulnerabilities in those software components. Thus, securing software requires technologies capable of detecting vulnerabilities in the code and components.
“With the ‘Essentials’ line of products, we continue executing on our strategy to provide a specific, dedicated flavor of application security testing and SCA products for each DevOps persona: programmers with WhiteHat Scout, builders and testers with Sentinel Source and Sentinel SCA Essentials Editions, and deployment specialists with Sentinel Source Standard Edition,” said Joseph Feiman, chief strategy officer at WhiteHat Security.
“With more applications being pushed out than ever, the ‘Essentials’ product line gives organizations technology options that enable security teams to earn quick wins by having developers rapidly detect and remediate security vulnerabilities – a major step in achieving DevSecOps.”