WhiteHat Security Partners with F5 Networks

WhiteHat Security and F5 Networks have announced a partnership agreement. The partnership yields a uniquely powerful and efficient solution that provides organisations with a new means of combating the onslaught of website attacks that place customer and corporate data at risk. F5's open iControl API provides the integration between WhiteHat Sentinel, a website vulnerability management solution, and the F5 BIG-IP Application Security Manager (ASM) web application firewall. As part of this agreement, WhiteHat has also joined F5's Technology Alliance Program.

A web-based subscription service, WhiteHat Sentinel combines advanced proprietary scanning technology with expert analysis, enabling customers to identify, prioritise, manage, and remediate website vulnerabilities as they occur. F5's ASM provides proactive network and application-layer protection from generalised and targeted attacks by understanding the user interaction with the application. Through the F5 iControl API, WhiteHat Sentinel will be able to directly configure policies on F5's ASM to protect against vulnerability exploits (e.g., cross-site scripting, parameter tampering, SQL injection) found during the scanning process.

The combined solution from WhiteHat Security and F5 fully meets requirement No. 6.6 (Develop and maintain secure systems and applications) of the PCI compliance standards developed by VISA, MasterCard, and other major credit card companies. According to the standard, an organisation must do at least one of the following to meet this requirement:
Undergo application scanning and code review by an application security specialist; or
Install a web application firewall in front of the web-facing applications.

This partnership enables customers to achieve both requirements in just one step.

Existing customers of both WhiteHat and F5 will benefit from the partnership immediately through the ability to leverage their investments with the added security and automation of the combined solution. The Sentinel-ASM integration simplifies and speeds vulnerability remediation by finding the problem, and then fixing it through "virtual patching." Developers also gain more time to fix code without leaving applications exposed. Customers will benefit through:
Increased protection via WhiteHat Sentinel's rapid identification of web application vulnerabilities, with minimal false positives;
Highly targeted vulnerability remediation (virtual patching) via ASM;
Simplified management: Data is continuously filtered and validated to provide only actionable results;
Ease of operation: A simple interface with one-click remediation.

write your comments about the article :: 2008 Computing News :: home page