Santa Clara, Calif., December 21, 2017 – WhiteHat Security, the leading application security provider committed to securing digital business, today announced the addition of Sentinel Source for Microservices to its portfolio of static application security testing (SAST) services. The new solution is ideal for organizations that have adopted — or are in the process of adopting — a microservices-based architecture.
With Sentinel Source for Microservices, WhiteHat is offering a unique and highly flexible licensing model that allows end-users to predictably procure and consume the SAST services they need, when they need them, for microservices-based applications. In modern software development, the reality is that the number of microservices continues to grow with evolving business needs.
“Working in partnership with our customers, we’ve been able to assess the application security needs of real-world microservices-based implementations,” said Setu Kulkarni, Vice President of Corporate and Product Strategy at WhiteHat. “DevOps teams need a SAST solution that can scale up or down with them. With Sentinel Source for Microservices, our customers can enjoy the benefits of a world-class SAST solution and an innovative licensing model that doesn’t lock them into having to anticipate size of applications or the number of microservices, and then suffer budget overruns when they exceed their projections.
“As an IT systems integrator with deep security expertise, we’ve had a front row seat to the emergence of DevOps and microservices, and to the security challenges these new architectures bring with them,” added Geoffrey Poer, Chief Security Officer for WhiteHat partner, Chronos Global. “Sentinel Source for Microservices clearly demonstrates that WhiteHat understands the changing dynamics in today’s development organization. The combination of great SAST product and innovative licensing model makes it easier for organizations to embrace security for microservices.”
Part of the WhiteHat Application Security Platform, Sentinel Source for Microservices scans microservices code, identifies vulnerabilities, and provides detailed vulnerability descriptions and remediation advice, making it easy for developers building microservices to find and fix vulnerabilities in code quickly. Users can:
- Assess code at any point in the development cycle – even partial code
- Run continuous, scheduled or on demand assessments
- Preserve an organization’s intellectual property – source code can be scanned within your premises
- Stay up-to-date on the latest attacks with Rule Packs that identify and verify vulnerability defects
Unlike other solutions, Sentinel Source for Microservices delivers verified vulnerabilities that provide unmatched accuracy with near zero false positives. Integrated with IDEs, bug tracking systems, CI/CD systems and ALM tools, the solution also provides broad language and repository coverage; Directed Remediation (customized code patches that can be used to fix vulnerabilities discovered in source); and Software Composition Analysis for scanning third-party code. Customers using Sentinel Source for Microservices also benefit from the expertise of the security engineers in the Threat Research Center, who validate all vulnerabilities and provide ongoing support via the solution’s unique “Ask-a-Question” feature.
Sentinel Source for Microservices is available immediately. Other SAST solutions in the WhiteHat Security portfolio in include WhiteHat Sentinel Source and WhiteHat Scout, a personal SAST service for developers that a recent 451 Research report described as an offering that “puts security expertise at the developer’s fingertips”.
- Data sheet: Sentinel Source for Microservices
- Webinar: Securing Microservices in a DevOps World
- Webinar: Securing Java Microservices
- SD Times, “Securing Microservices: The API gateway, authentication and authorization”, Mostafa Siraj (WhiteHat Security), September 20, 2017