WhiteHat Security Introduces Threat Research Center

WhiteHat Security, a provider of website risk management solutions, unveiled its Threat Research Center (TRC), a team of website security experts who act as a critical and integral component of the WhiteHat Sentinel website vulnerability management service.

The TRC operates as an extension of an organization's information security team, enabling enterprises to focus on website vulnerability remediation and overall risk posture, as well as technology and business goals.

The TRC is comprised of the industry's top website security engineers, who have assessed more than 2,700 of the world's largest websites. The TRC ensures that any website risk management program is effective and efficient by providing ongoing vulnerability detection and verification that cannot be accomplished by scanners alone. In addition, combined with WhiteHat Sentinel, the TRC provides enterprises with continuous and current website security that consultants cannot feasibly provide on their own. Ultimately, companies are empowered to create an actionable website risk management strategy with the assurance that they have quality, accurate and pertinent website security data at their fingertips.

All vulnerabilities reported by the service are found using state-of-the-art vulnerability tests and are verified by the expert security engineers of the TRC. The WhiteHat Sentinel vulnerability database combines knowledge of more than 26 million vulnerability patterns with proprietary algorithms to distinguish which vulnerabilities detected are real and exploitable. This one-of-a-kind solution virtually eliminates false positives, a bane for website security professionals.

Specifically, the WhiteHat TRC delivers:

  • Active monitoring and performance tuning of the Sentinel scanner.
  • Fully customized assessments to provide thorough, production-safe code coverage on all websites.
  • The ability to remove virtually all false positives and duplicates, and prioritize all vulnerabilities. All issues identified are real, exploitable and actionable, engendering business owner and application developer confidence in the website security program.
  • Daily monitoring to ensure optimal and uninterrupted coverage of new vulnerabilities and attack vectors.
  • An assurance that all production websites, by far the most frequent and critical attack target, are safe.
  • Access to the industry's most expansive and comprehensive vulnerability knowledge base. The TRC performs ongoing, cutting edge research to ensure all information is up-to-date. As new attacks are discovered, the TRC creates, refines and implements new tests to be deployed immediately across all Sentinel security scans, providing the most accurate data about a website's vulnerability posture.
  • Custom business logic tests that analyze design flaws and validate account privileges across roles and between users. These customized tests verify whether applications allow unexpected business behaviors. TRC analysis of these critical design-flaw security vulnerabilities also includes custom description and remediation guidance in the context of the business.

"The level of expertise that makes up the TRC is truly remarkable. Automated scanners or consultants cannot come close to replicating the kind of research, effort and value they bring to the table," said Bill Pennington, chief strategy officer, WhiteHat Security. "Combined, the TRC has more than 50 years in training and specific experience in website security attack techniques. They also have first-hand experience with leading software development frameworks, design patterns, and implementation practices, as they relate to security. At the end of the day, the WhiteHat Security Threat Research Center lets customers sleep a little better at night knowing they have the best website risk management program possible."

Featured

  • Maximizing Your Security Budget This Year

    The Importance of Proactive Security Measures: 4 Stories of Regret

    We all want to believe that crime won’t happen to us. So, some business owners hope for the best and put proactive security measures on the back burner, because other things like growth, attracting new customers, and meeting deadlines all seem more pressing. Read Now

  • 91 Percent of Security Leaders Believe AI Set to Outpace Security Teams

    Bugcrowd recently released its “Inside the Mind of a CISO” report, which surveyed hundreds of security leaders around the globe to uncover their perception on AI threats, their top priorities and evolving roles, and common myths directed towards the CISO. Among the findings, 1 in 3 respondents (33%) believed that at least half of companies are willing to sacrifice their customers’ long-term privacy or security to save money. Read Now

  • Milestone Announces Merger With Arcules

    Global video technology company Milestone Systems is pleased to announce that effective July 1, 2024, it will merge with the cloud-based video surveillance solutions provider, Arcules. Read Now

  • Organizations Struggle with Outdated Security Approaches, While Online Threats Increase

    Cloudflare Inc, recently published its State of Application Security 2024 Report. Findings from this year's report reveal that security teams are struggling to keep pace with the risks posed by organizations’ dependency on modern applications—the technology that underpins all of today’s most used sites. The report underscores that the volume of threats stemming from issues in the software supply chain, increasing number of distributed denial of service (DDoS) attacks and malicious bots, often exceed the resources of dedicated application security teams. Read Now

Featured Cybersecurity

Webinars

New Products

  • Camden CV-7600 High Security Card Readers

    Camden CV-7600 High Security Card Readers

    Camden Door Controls has relaunched its CV-7600 card readers in response to growing market demand for a more secure alternative to standard proximity credentials that can be easily cloned. CV-7600 readers support MIFARE DESFire EV1 & EV2 encryption technology credentials, making them virtually clone-proof and highly secure. 3

  • Camden CM-221 Series Switches

    Camden CM-221 Series Switches

    Camden Door Controls is pleased to announce that, in response to soaring customer demand, it has expanded its range of ValueWave™ no-touch switches to include a narrow (slimline) version with manual override. This override button is designed to provide additional assurance that the request to exit switch will open a door, even if the no-touch sensor fails to operate. This new slimline switch also features a heavy gauge stainless steel faceplate, a red/green illuminated light ring, and is IP65 rated, making it ideal for indoor or outdoor use as part of an automatic door or access control system. ValueWave™ no-touch switches are designed for easy installation and trouble-free service in high traffic applications. In addition to this narrow version, the CM-221 & CM-222 Series switches are available in a range of other models with single and double gang heavy-gauge stainless steel faceplates and include illuminated light rings. 3

  • FEP GameChanger

    FEP GameChanger

    Paige Datacom Solutions Introduces Important and Innovative Cabling Products GameChanger Cable, a proven and patented solution that significantly exceeds the reach of traditional category cable will now have a FEP/FEP construction. 3