Continuous Application Security Testing and Risk Based Remediation Prioritization with RiskSense and WhiteHat Security (technology brief, 2018-05-14)




WHITEHAT SECURITY

WhiteHat Security has been in the business of securing web applications for 15 years. Combining advanced technology with the expertise of its global Threat Research Center (TRC) team, WhiteHat delivers application security solutions that reduce risk, reduce cost and accelerate the deployment of secure applications and web sites. The company’s flagship product, WhiteHat Sentinel, is a software-as-a-service platform providing dynamic application security testing (DAST), static application security testing (SAST), and mobile application security assessments. The company is headquartered in Santa Clara, Calif., with regional offices across the U.S. and Europe. For more information on WhiteHat Security, please visit www.whitehatsec.com, and follow us on Twitter, LinkedIn and Facebook.

THE CHALLENGE

Today’s organizations deploy a myriad of web applications, ranging from external-facing corporate websites to internal-facing portals, built on a variety of programming languages, frameworks, APIs and application types. All of these applications can be built and made available in a distributed environment across different service stacks. WhiteHat’s Application Security Platform continuously scans websites and source code as they evolve, automatically detecting and assessing code changes, alerting on newly discovered vulnerabilities, and having security experts validate every vulnerability to virtually eliminate false positives. The biggest challenge is managing the volume, velocity and complexity of the data that continuous assessments and scans generate. Aggregating and analyzing it takes legions of staff to comb through the results, connect the dots and find the highest-risk vulnerabilities. Even if you find the resources to analyze that much data, you will most likely misjudge it, because scan findings on their own lack context: they carry no external threat information and no indication of business criticality.

RiskSense has partnered with WhiteHat Security to continuously ingest newly discovered vulnerability findings through an API-based integration, correlate them with external threat data, and prioritize their remediation based on the risk and business impact they pose to the target organization. RiskSense provides a seamless workflow to quickly guide remediation efforts and continuously monitor the results through a closed-loop monitoring process.

USE CASES

1. Risk Analysis for Continuous Development and Deployment

The WhiteHat Application Security Platform continuously performs vulnerability assessment for web applications, mobile applications and source code, and validates every vulnerability, virtually eliminating false positives. It generates a myriad of vulnerability findings that are continuously ingested into the RiskSense Platform. The combined solution provides industry-leading accuracy and adds context to each finding: business impact, the common programming error behind it, a risk rating and proof-of-compromise. This allows the security or threat analyst to quickly determine the severity of the findings and make a go or no-go decision before the application is deployed to the production environment.
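The ingest, enrich and prioritize pipeline that the two paragraphs above describe, as an added example; this is not RiskSense or WhiteHat code and does not reproduce either product's scoring. The finding fields, the threat-intelligence feed, the per-asset criticality table, the multipliers and the release threshold are all constructed assumptions chosen to show how a scanner severity changes once external threat data and business context are applied, and how a go/no-go gate can be driven from the result.

```python
"""Risk-based prioritization of validated scanner findings.

Added example: this is not RiskSense or WhiteHat code. The finding fields,
the threat-intelligence feed, the asset criticality table and every weight
below are constructed assumptions chosen to illustrate the pipeline.
"""
from dataclasses import dataclass, field
from typing import Dict, List

# Constructed findings in the shape a DAST export might take (field names assumed).
FINDINGS: List[dict] = [
    {"id": "F-1", "asset": "shop.example.com", "class": "SQL Injection",
     "cwe": "CWE-89", "severity": 9.0, "verified": True},
    {"id": "F-2", "asset": "intranet.example.local", "class": "Cross-Site Scripting",
     "cwe": "CWE-79", "severity": 6.5, "verified": True},
    {"id": "F-3", "asset": "shop.example.com", "class": "Directory Listing",
     "cwe": "CWE-548", "severity": 3.0, "verified": False},
    {"id": "F-4", "asset": "intranet.example.local", "class": "SQL Injection",
     "cwe": "CWE-89", "severity": 9.0, "verified": True},
]

# Constructed external threat context: weakness classes with exploitation seen in the wild.
THREAT_INTEL: Dict[str, dict] = {
    "CWE-89": {"exploited_in_wild": True},
    "CWE-79": {"exploited_in_wild": False},
}

# Constructed business context per asset: criticality 1 (low) to 3 (high) and exposure.
ASSETS: Dict[str, dict] = {
    "shop.example.com": {"criticality": 3, "internet_facing": True},
    "intranet.example.local": {"criticality": 2, "internet_facing": False},
}

# Illustrative multipliers (assumed, not a published RiskSense formula).
EXPLOITED_WEIGHT = 1.5
EXPOSED_WEIGHT = 1.25
UNVERIFIED_WEIGHT = 0.5
CRITICALITY_WEIGHT = {1: 0.5, 2: 0.75, 3: 1.0}


@dataclass
class Prioritized:
    finding_id: str
    asset: str
    risk: float
    reasons: List[str] = field(default_factory=list)


def score(finding: dict, assets=ASSETS, intel=THREAT_INTEL) -> Prioritized:
    """Combine the scanner's severity with threat and business context."""
    asset = assets.get(finding["asset"], {"criticality": 1, "internet_facing": False})
    risk = float(finding["severity"])
    reasons = [f"scanner severity {finding['severity']}"]
    if intel.get(finding["cwe"], {}).get("exploited_in_wild"):
        risk *= EXPLOITED_WEIGHT
        reasons.append("weakness class exploited in the wild")
    if asset["internet_facing"]:
        risk *= EXPOSED_WEIGHT
        reasons.append("internet facing")
    risk *= CRITICALITY_WEIGHT[asset["criticality"]]
    reasons.append(f"asset criticality {asset['criticality']}")
    if not finding["verified"]:
        # An unvalidated finding may still be a false positive; keep it below validated ones.
        risk *= UNVERIFIED_WEIGHT
        reasons.append("not yet validated by an analyst")
    return Prioritized(finding["id"], finding["asset"], risk, reasons)


def prioritize(findings: List[dict] = FINDINGS) -> List[Prioritized]:
    """Rank findings by contextual risk, highest first."""
    return sorted((score(f) for f in findings), key=lambda p: p.risk, reverse=True)


def release_gate(asset: str, findings: List[dict] = FINDINGS, threshold: float = 12.0) -> bool:
    """Go/no-go for deploying `asset`: refuse if any validated finding on it reaches the threshold."""
    verified = [f for f in findings if f["asset"] == asset and f["verified"]]
    return all(score(f).risk < threshold for f in verified)


if __name__ == "__main__":
    for p in prioritize():
        print(f"{p.finding_id} {p.asset:<24} risk={p.risk:<7} {'; '.join(p.reasons)}")
    for name in ASSETS:
        print(name, "GO" if release_gate(name) else "NO-GO")
```

Two things the ranking makes visible that a raw severity list does not: the two SQL injection findings share a scanner severity of 9.0 but end up far apart because one sits on an internet-facing, business-critical host, and the unvalidated directory listing is pushed to the bottom rather than competing with analyst-confirmed findings. The gate only consults validated findings, so an unconfirmed result cannot block a release on its own.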

TECHNOLOGY BRIEF: WhiteHat Security, Page 1

Continuous Application Security Testing and Risk Based Remediation Prioritization with RiskSense and WhiteHat Security


The combined solution platform provides industry-leading accuracy for the findings.

2. Pattern Analysis

The RiskSense Platform ingests data from various third-party security intelligence tools, then normalizes and aggregates it and contextualizes it with external threat data. The platform’s built-in machine learning algorithms let the analyst quickly identify common development patterns and trends across new, persistent and remediated vulnerabilities. It creates a point-in-time data snapshot for each assessment so that assessments can be compared, letting you quickly prioritize remediation efforts based on similarity analysis and business risk.

The platform provides attack tree analysis so developers can identify the root cause of a vulnerability in terms of common weaknesses (CWEs). By addressing the CWEs on these attack paths, developers can identify which best practices they are overlooking in their development process.

Figure 1. RiskSense web application dashboard

Figure 2. RiskSense attack tree analysis view



Identify, Prioritize, Remediate...continuous monitoring to increase cyber resilience.

3. Reference Library

The RiskSense Platform incorporates the CWE, CVE and CCE catalogs together with OWASP, OVAL and National Vulnerability Database (NVD) reference data, empowering developers to quickly research and learn about common programming errors. The combined solution provides step-by-step guidance to remediate or fix each vulnerability finding. Furthermore, the pen-testing team validates the vulnerability and provides proof-of-compromise, which can be mapped to CWEs and CVEs.

4. Remediation Process Flow

Using the additional context of business criticality, the analyst can prioritize the vulnerabilities associated with each application and then assign one or more vulnerabilities to remediation team members through the built-in workflow engine, which automatically sends email notifications for assigned vulnerabilities. The assignee is given a playbook to streamline remediation actions, and vulnerability persistence analysis confirms that applied fixes are effective. Once the remediation team reports a vulnerability as fixed, RiskSense validates it against the next scan results from the WhiteHat Application Security Platform, closing the remediation loop. The platform maintains the entire vulnerability history, so the analyst can always review past events within the platform. No other solution provides this level of current and historical data to assist analysts and reduce the time they spend assessing their IT environment and resolving vulnerabilities.

The RiskSense Platform also integrates with third-party ticketing systems such as BMC Remedy and ServiceNow, so customers can manage the remediation process in their preferred tool.
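The snapshot comparison behind use case 2 (classifying findings as new, persistent or remediated between two assessments, and rolling them up to the CWE level) and the closed-loop validation behind use case 4 (a reported fix counts only once the next scan no longer finds the vulnerability) are the same operation seen from two sides, so one added example serves both. This is not RiskSense or WhiteHat code. It assumes a finding is identified by the tuple (asset, vulnerability class, location), which is an assumption about how a scanner reports results rather than either product's actual matching rule; the two scan snapshots and the table of fixes reported by the remediation team are constructed for illustration.

```python
"""Snapshot comparison and closed-loop fix validation across scans.

Added example: this is not RiskSense or WhiteHat code. It assumes a finding is
identified by the tuple (asset, vulnerability class, location), which is an
assumption about how a scanner reports results; the two scan snapshots and the
table of reported fixes are constructed for illustration.
"""
from collections import defaultdict
from typing import Dict, Iterable, List, Tuple

Key = Tuple[str, str, str]  # (asset, vulnerability class, location)

# Constructed point-in-time snapshot from scan N.
SCAN_PREVIOUS: List[dict] = [
    {"asset": "shop.example.com", "class": "SQL Injection", "cwe": "CWE-89", "location": "/search?q="},
    {"asset": "shop.example.com", "class": "Cross-Site Scripting", "cwe": "CWE-79", "location": "/review"},
    {"asset": "intranet.example.local", "class": "Cross-Site Scripting", "cwe": "CWE-79", "location": "/profile?name="},
]

# Constructed snapshot from scan N+1, taken after the remediation team reported fixes.
SCAN_CURRENT: List[dict] = [
    {"asset": "shop.example.com", "class": "Cross-Site Scripting", "cwe": "CWE-79", "location": "/review"},
    {"asset": "intranet.example.local", "class": "Cross-Site Scripting", "cwe": "CWE-79", "location": "/search?q="},
]

# Constructed workflow state: findings assigned through the workflow and reported fixed by the assignee.
REPORTED_FIXED: Dict[Key, str] = {
    ("shop.example.com", "SQL Injection", "/search?q="): "alice",
    ("shop.example.com", "Cross-Site Scripting", "/review"): "bob",
}


def key_of(finding: dict) -> Key:
    """Stable identity for a finding across scans (assumed matching rule)."""
    return (finding["asset"], finding["class"], finding["location"])


def diff_snapshots(previous: Iterable[dict], current: Iterable[dict]) -> Dict[str, List[Key]]:
    """Classify every finding as new, persistent or remediated between two snapshots."""
    prev = {key_of(f) for f in previous}
    cur = {key_of(f) for f in current}
    return {
        "new": sorted(cur - prev),
        "persistent": sorted(cur & prev),
        "remediated": sorted(prev - cur),
    }


def validate_fixes(reported_fixed: Dict[Key, str], previous, current) -> Dict[str, List[Key]]:
    """Closed loop: a reported fix is verified only if the next scan no longer finds it.
    A finding reported fixed but still present is flagged so it is reopened, not closed."""
    delta = diff_snapshots(previous, current)
    remediated, persistent = set(delta["remediated"]), set(delta["persistent"])
    return {
        "verified": sorted(k for k in reported_fixed if k in remediated),
        "fix_failed": sorted(k for k in reported_fixed if k in persistent),
    }


def trend_by_cwe(previous: List[dict], current: List[dict]) -> Dict[str, Dict[str, int]]:
    """Roll per-finding states up to the weakness class, so developers can see
    which CWE keeps reappearing in their code rather than chasing single findings."""
    cwe_of = {key_of(f): f["cwe"] for f in [*previous, *current]}
    counts: Dict[str, Dict[str, int]] = defaultdict(lambda: {"new": 0, "persistent": 0, "remediated": 0})
    for state, keys in diff_snapshots(previous, current).items():
        for k in keys:
            counts[cwe_of[k]][state] += 1
    return dict(counts)


if __name__ == "__main__":
    print(diff_snapshots(SCAN_PREVIOUS, SCAN_CURRENT))
    print(validate_fixes(REPORTED_FIXED, SCAN_PREVIOUS, SCAN_CURRENT))
    print(trend_by_cwe(SCAN_PREVIOUS, SCAN_CURRENT))
```

With the constructed data, the SQL injection that alice reported fixed is absent from the next scan and is verified closed, while the cross-site scripting that bob reported fixed is still present and is flagged as a failed fix instead of being closed on the developer's word. The CWE roll-up shows the pattern the per-finding view hides: CWE-79 has one new, one persistent and one remediated instance in the same interval, which is the signal that output encoding is being fixed case by case rather than addressed as a practice.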

Figure 3. Direct visibility in the RiskSense Platform with clear guidance to remediate




Contact Us Today to Learn More About RiskSense

RiskSense, Inc. | +1 844.234.RISK | +1 505.217.9422 | [email protected]

© RiskSense, Inc. All rights reserved. RiskSense and the RiskSense logo are registered trademarks of RiskSense, Inc. TechnologyBrief_WhiteHat_01292018


Figure 4. RiskSense web application remediation view

The RiskSense Platform takes vulnerability management to the next level while preserving your investment in WhiteHat scanner technology. RiskSense ingests the scan data and not only automates its analysis but also enriches your internal security intelligence with external threat data and business criticality, so you can focus remediation on the things that matter most to your organization. Using RiskSense, you can free up IT and security personnel to focus on critical tasks and turn them into risk strategists rather than technicians.

ABOUT RISKSENSE

RiskSense, Inc., is the pioneer in proactive cyber risk management. The company gives organizations a compass to identify cyber risk, quickly orchestrate remediation and monitor the results, by unifying and contextualizing internal security intelligence, external threat data and business criticality across a growing attack surface. The company’s Software-as-a-Service (SaaS) platform transforms cyber risk management into a more proactive, collaborative and real-time discipline. The RiskSense Platform™ embodies the expertise and intimate knowledge gained from real-world experience defending critical networks from the world’s most dangerous cyber adversaries.