WhiteHat Launches ‘Essentials’ Product Line

WhiteHat Security has announced the general availability of its Essentials product line, with the launch of two solutions: Sentinel Source Essentials Edition and Sentinel SCA Essentials Edition.

The streamlined Essentials products have been created to help organizations meet the needs of the DevOps build/test phase by offering high-speed and fully-automated security testing with comprehensive code coverage. Essentials high-speed solutions cut down scan times, helping developers get the vulnerability assessment results they need faster.  

The Essentials product line includes:

Sentinel SCA Essentials Edition: A standalone, fully-automated software composition analysis (SCA) service that rapidly and accurately identifies third-party and open source components used in an organization’s applications, delivering what is known as the software Bill of Materials. For each of these components, Sentinel SCA Essentials Edition identifies any open security common vulnerabilities and exposures (CVEs), licenses, and out-of-date library versions.

Sentinel Source Essentials Edition: Provides high-speed, fully-automated static application security testing (SAST). Its findings are comprehensive and highly accurate due to the use of WhiteHat’s Attack Vector Intelligence (AVI) technology. Discovered vulnerabilities are prioritized according to their severity, thus providing guidance on what should be remediated first.

The Essentials product line will complement WhiteHat’s existing flagship Sentinel Source Standard Edition solution, which includes fully-verified findings and unlimited access to WhiteHat Threat Research Center engineers.

According to WhiteHat’s 2018 Application Security Statistics Report, up to 70 percent of every application is comprised of reusable software components (e.g. third-party libraries, open source software (OSS), etc.). That translates to applications also “inheriting” the vulnerabilities in those software components. Thus, securing software requires technologies capable of detecting vulnerabilities in the code and components.