• Support Plus   |   Contact a Representative   |   Contact WhiteHat

• Website Risk Management
  • Asset Identification
  • Vulnerability Management
  • Reporting/Communication
  • Protection
• Sentinel Services
  • Cost-effective Solution
  • Benefits
  • Core Features
  • Unique Methodology
  • Selection Guidelines
  • Sentinel Premium Edition
  • Sentinel Standard Edition
  • Sentinel Baseline Edition
  • Sentinel for QA
  • PCI Compliance
  • Integration – via XML API
  • Certification Program
  • How Sentinel Works
  • WAF Integration
• Support Plus
  • Gold Service Level
  • Silver Service Level
  • Standard Service Level
  • Service Levels
• Education Services
  • Onsite Training
  •    Guidelines
  •    Building Secure Web Applications
  •    Adv. Secure Coding for Java
  •    Adv. Secure Coding for .NET
  • e-Learning
  •    Intro to Web App Security
  •    Secure Coding for Java
  •    Secure Coding for .NET
  •    Threat Modeling
• Events & News
  • News Coverage
  • Press Releases
  • Interviews
  • Awards
  
  
  
  • Sentinel Videos
• Resources
  • Whitepapers
  • Webinars & Presentations
  • Jeremiah Grossman Blog
  • Website Statistics Report
  • Website Security Glossary
• Partners
  • Strategic Partners
  • Partner Portal Login
• About WhiteHat Security
  • Leadership Team
  • Board of Directors
  • Success Stories
  • Careers
  • Contact Us
  • Support

• Partners
•    Strategic Partners
•    Partner Application Form
•    Partner Portal Login

Snort Integration – Sourcefire

Introducing the first-of-its-kind website security integration with Snort®, the leader in open source intrusion prevention systems (IPS). Now, WhiteHat Sentinel customers can use Sentinel vulnerability data to create ultra-targeted Snort rules, expanding the capability of an IPS to reliably detect application layer attacks. This new level of intelligence enables security professionals to increase their visibility into verified real-time threats. With Snort deployed at 80 percent of Fortune 100 companies and 42 percent of the Global 500, this advancement will have a significant impact on enterprise website security.

Laser-Focused Snort Rules: Cut Through the Noise

WhiteHat Sentinel is the first website vulnerability management solution to integrate verified website vulnerability data with Snort, thereby extending IPS from the network space to include websites, the foremost target for the enterprising hacker. The WhiteHat Snort Integration is easy to configure, allowing companies to quickly begin generating Snort rules for specific vulnerabilities.

WhiteHat Sentinel delivers the most complete and accurate vulnerability information available, which is the foundation of a comprehensive website risk management program. Snort integration enables security teams to monitor more effectively, fix problems, and precisely prioritize risk in their environment.

As a result, users can fine-tune Snort alerts and correlate findings to reduce noise and allow security teams to focus on real issues. Prior to the WhiteHat Sentinel / Snort integration, security professionals were forced to sift through reams of Web server logs to retrieve the same information now seamlessly generated and validated by WhiteHat. Now false positives are eliminated, so security teams can be confident that an alert signifies a real problem.

How it Works

The Sentinel / Snort integration is implemented as a script which when executed, will securely connect to the Sentinel open API to extract a website’s vulnerability details. The script will then translate the downloaded vulnerability information into Snort alert rules. Users may then apply these rules to a Snort IPS to alert on or block attacks against vulnerable websites.

The script may be scheduled to regularly pull vulnerability information from Sentinel.

Simple Deployment

The WhiteHat Sentinel open XML API for Snort is available immediately, free of charge, to all Sentinel customers. To begin using this feature, login into the WhiteHat Customer Support portal and click on the FAQ section. Search for the article titled, “Where do I find more information on Snort integration? This contains a downloadable .zip file. Open the file, read the release notes and after a simple configuration of your IPS, you’re ready to go.

In addition to Snort, the WhiteHat Sentinel open XML API enables data exchange with Web application firewalls (WAF), bug tracking systems and security information and event management systems (SIEM) to provide complete website risk management.

To Learn More

Download a PDF of the Data Sheet (172 KB PDF) ››