Tech Library is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.


WhiteHat Security

WhiteHat Security has been in the business of securing web applications for 17 years. Combining advanced technology with the expertise of its global Threat Research Center (TRC) team, WhiteHat delivers application security solutions that reduce risk, reduce cost and accelerate the deployment of secure applications and web sites. The company's flagship product, WhiteHat Sentinel, is a software-as-a-service platform providing dynamic application security testing (DAST), static application security testing (SAST), and mobile application security assessments. The company is headquartered in San Jose, Calif., with regional offices across the U.S. and Europe.

Our Website:

Latest Content From WhiteHat Security

Research Report: The AI and Human Element Security Sentiment Study

by WhiteHat SecurityJun 17, 2020

How Two Powerful Forces Can Tackle Our Biggest Application Security Challenges

The "AI and Human Element Security Sentiment Study" is based on a survey of 102 industry professionals at the RSA Conference 2020. The research revealed that while over half of organizations use artificial intelligence (AI) or machine learning in their security stack, nearly 60 percent are still more confident in cyberthreat findings verified by humans over AI.

The survey responses, along with the theme of "Human Element" at RSA Conference 2020, reflect the need for security organizations to incorporate both AI-and human-centric offerings, especially in the application security space. Three-quarters of respondents use an application security tool, and more than 40 percent of those application security solutions use both AI-based and human-based verification.

Download this report to learn:

  • Research findings explaining how AI and ML are best used in application security
  • Why the Human Element in Security is Still Needed to combat Application Vulnerabilities
  • WhiteHat's continued innovation in application security and threat research

Whitepaper: Top 10 Vulnerabilities of 2019: A Technical Deep Dive on Software Exploits

by WhiteHat SecurityJun 17, 2020

Applications continue to be a top target for digital adversaries, as more businesses rely on them to drive their revenue and success. And the proof is in the headlines.

It's in the nature of application development that hard deadlines can mean coding errors and are not always addressed before deployment. As a result, it's important to patch vulnerabilities as soon as they are found and by using the right application security tool, software teams can not only build their applications at the right speed but do so securely. In the case of data leaks, not only do they damage a brand's reputation, but they also hurt the privacy of their users.

In this report, we look at the top vulnerabilities of 2019 caused by application-based attacks, coding bugs and errors, then explore the steps organizations can take to protect their applications and their code in 2020.

Download this report to learn:

  • The most prevalent vulnerabilities we saw in 2019
  • The biggest lessons we can learn from data breach events of 2019
  • Deeper information on vulnerabilities like Google Search XSS, Cross Site Leaks, and Cache Poisoned
  • Denial of Service

Whitepaper: 2020 Predictions in Application Security, Data Privacy, and Artificial Intelligence

by WhiteHat SecurityJun 17, 2020

In 2019, 12,174 new vulnerabilities were found in commercial and open source software. The total number of breached records were 15.1 billion. This is a 284% spike compared to 2018.

The triumphs, challenges and changes we have experienced, have opened up many opportunities, and our eyes, as to what the future holds for technology, development, and security. Now, in 2020, we are here with a mix of excitement, trepidation, and hope. And this time of year, we like to ask some of the trusted security experts at WhiteHat, as well as our customers and partners, what they believe are the biggest opportunities and challenges the industry will face.

From the continued challenge of software vulnerabilities, to the growing use of artificial intelligence in mitigating cyber threats, here are the top cybersecurity predictions we see impacting 2020 the most.

Download this report to learn:

  • Top cybersecurity predictions impacting application security
  • The growing role of the developer in security innovation and implementation
  • How microservices and containers impact application security and the industry as a whole
  • Survey results from the developer security sentiment study from DeveloperWeek 2019

Infographic: WhiteHat and Bugcrowd Offer Pen Test Service

by WhiteHat SecurityJun 12, 2020

The WhiteHat Pen Test Service is a comprehensive application security testing bundle which includes WhiteHat's industry proven Sentinel Dynamic for complete web application security and Bugcrowd's unique crowdsourced pen test performed by their security experts to find high priority vulnerabilities and help organizations meet key compliance requirements.

Infographic: WhiteHat Sentinel Auto API

by WhiteHat SecurityApr 14, 2020

Sentinel Auto API Software-as-a-Service (SaaS) platform provides highly scalable, accurate and fully automated vulnerability scanning for web service APIs, public, private and internal facing APIs.

Whitepaper: Application Security in the Cloud

by WhiteHat SecurityMar 12, 2020

Companies today increasingly seek to take advantage of the cloud for hosting their applications. According to IDC's U.S. DevOps Survey of Large Enterprise Organizations, 2019, most companies already have 25% of their applications running in the cloud. These organizations are generally looking to take advantage of the benefits of cloud computing such as infrastructure as code (IaC), dynamic scaling, and faster time to market.

A shift to the cloud can help reduce hardware and energy costs in the corporate datacenter. It is also easier for applications to be dynamically scaled up and down based upon end-user demand — so companies pay for only the time the machine or software function was active. With cloud, organizations can instantly provision IT infrastructure, speeding delivery of IT projects that are critical to revenue growth or cost reduction. However, getting application updates into the cloud quickly does no good if the application is encumbered by security vulnerabilities. For DevOps teams deploying software to the cloud, security needs to be top of mind — not an afterthought.

    Download this whitepaper to learn:
  • The current trends in Cloud-native application technologies — what do distributed microservices and serverless functions mean for developers and application development?
  • The modern security tools that DevOps teams are turning toward and why
  • Why the demand for advanced SAST, DAST and SCA is expected to keep growing

Whitepaper: Simplify Your Application Security

by WhiteHat SecurityDec 06, 2019

Aimed at helping you simplify your company's application security; this whitepaper offers recommendations to combat some of the most common application security issues experienced by organizations today.

Research Report: 2019 Stats Report: The DevSecOps Approach

by WhiteHat SecurityAug 13, 2019

WhiteHat Security is now a wholly-owned, independent subsidiary of NTT Security. With this strategic development, we are able to combine the global reach of NTT with WhiteHat's deep expertise in application security. As a result, our research now offers the most comprehensive perspective on the current state of application security, as well as recommendations on how to implement DevSecOps effectively.

The 2019 WhiteHat Application Security Statistics report looks at our underlying application security data to derive conclusions, identify trends and highlight what's working and what's not when it comes to DevSecOps and secure application delivery. This report is the product of data analysis derived from evaluating data from approximately 17 million application security scans performed by organizations in 2018.

Why Read This Report?
Application Security has become critical to business success
The cliche 'there's an app for that' underlies today's business maxim: applications are at the foundation of today's enterprise. As the digital transformation continues, organizations are beginning to realize that security is not merely another table stake, it's the timber the rest of the organization is built upon.

Pace and rate of change in today's application development are blindingly fast
Apps are now the way to out-innovate competition across industries which is why teams are increasingly focused on time-to-market and time-to-value when it comes to application development.

Security & DevOps are converging - and an approach for success has emerged
The phased approach to DevSecOps we outline in this year's report is a macro-trend that supports the Security and DevOps convergence, and empowers teams to deliver better performing and more secure apps - and meet the goal of rapid innovation and reliable service delivery.

Who Should Read This Report?
For Business Decision Makers...
How to measure the effectiveness of your application security investment to help mitigate overall business risk.

For Security Professionals...
How to best defend your applications by evaluating how your vulnerability levels and remediation times compare with industry benchmarks.

For Application Development and Operation Teams...
How to develop software more securely by partnering with the security team to adopt tools and methodologies compliant with your software development lifecycle (SLC).

Whitepaper: Know your Risk to Make Strategically Smart Decisions on Application Security

by WhiteHat SecurityJul 03, 2019

Web application security has become a critical issue for organizations of all sizes, and yet security organizations today are often understaffed for the job they're assigned to do. That's partly because there has been an explosion of web applications. In the past, an organization might need to scan its top five enterprise applications for vulnerabilities. Now organizations need to understand risk profiles for dozens, hundreds, or thousands of applications in production.

With the increase in the number of applications, a tremendous number of vulnerabilities are going unmitigated or unremediated, simply because there are more vulnerabilities than any organization has the time or staff to fix. And while the number of applications to manage has grown, the size of the security staff has not.

This paper describes such a risk-based approach, which can lead to better strategic decisions and enhance the ability of security organizations to succeed in their mission of securing web applications.

Whitepaper: IDC SpotLight: Protecting Against Threats with Application Security Testing

by WhiteHat SecurityJul 03, 2019

Application security testing will play a major role in the next generation of security architecture. This IDC Technology Spotlight looks at the role of WhiteHat Security in the marketplace for application security testing solutions.