Welcome to WhiteHat Security's Sentinel training for developers.
In this tutorial, we will cover the following sections of the Sentinel interface.
Under the Summary tab, the Updates section shows you any recent or upcoming changes to the Sentinel interface or service,
including dates and links to related articles.
Be sure to check here occasionally,
and also in the System Maintenance section.
This is where we will communicate any scheduled or emergency maintenance announcements, including start times and expected duration.
Please note: in the event of an emergency maintenance bulletin,
this section will become the default landing page when logging into Sentinel,
to make sure you don't miss it.
The Assets section shows you the sites and applications under contract for Sentinel service.
Sites are those applications using our DAST, or dynamic application security testing, solution,
while apps are those applications using our SAST, or static application security testing, solution.
Let's focus on sites first.
On the Sites tab, you'll see a list of sites by site name.
For each site, you will see the service level.
This could be our Baseline, Standard,
Premium, or Pre-Launch editions.
The next column displays the number of open vulnerabilities for that site.
The Scan Schedule and Time Zone columns show the schedule and time zone for each site.
Vuln Data provides a quick link to the vulnerability detail report for that site.
Status provides an icon-based summary of the overall health of your scans,
using a stoplight analogy.
A green icon
indicates everything is good to go,
and the site is either being scanned or is paused as dictated by the schedule.
A yellow icon indicates configuration is being done on the WhiteHat side,
and scanning will resume once the configuration is complete.
A red icon indicates we are missing something needed to scan your site,
either a scan schedule
or valid credentials.
You can also click on the Legend status icons
for more information on the individual icons and their meanings.
You also have the option to export this page to a CSV file by using the Export CSV File link,
allowing you to view this information in Excel
or another program of your choice.
Now let's take a look at the Apps tab,
which is similar to the Sites tab.
This section lists all your Sentinel Source applications currently under service.
Under Application Name,
you will see both the name and the language of your application.
Total Findings provides the count of open vulnerabilities for your application.
Vuln Data provides a quick link to the vulnerability report for the application.
Lastly, the Compliance column shows whether the application is currently in PCI compliance or not.
This is a bit more complicated to discuss than the scope of this training module, so it will be explained in more detail at a later time.
And as before, you can filter your results.
Under the Groups tab,
you will see a list of all groups you've created.
Groups are a good way to easily assign access to team members for just the sites and apps they need to see.
As you can see in this example,
we have a group for our production sites and one for our pre-production sites.
When I create a new user that's part of my production team,
I can just add him or her to the group,
and they will then have access to all sites and apps in that group.
It definitely beats having to add a site or app to a user on a one-by-one basis.
In our previous tutorial, we covered the basics of the Assets tab.
Now we're going to drill down a little deeper into what you can access per site or per app.
First, let's click on one of our sites here.
We now see that we have some additional functions we can access, as well as additional information.
In the Overview section, we summarize various information about your site, including site name,
service level, and more.
In this section, I want to draw your attention to the Link Information area.
As we crawl your site,
we will find more and more pages.
We provide you a list of the pages tested in the current scan
as well as in the last completed scan.
These are links you can click on to see the list.
We also show you the primary host name and any associated host names for your site,
and on the far right,
we show you the priority set for your site as well as the global and industry ranks.
These ranks give you an idea of how your site compares
to other sites scanned by WhiteHat Security.
Site Findings will take you to the findings information for just this site.
Now let's go back to the Apps tab
and drill down on one of our applications.
Here you will find some information regarding your application,
such as the application name.
As with the site section, you can click on App Findings to see the vulnerabilities for this specific application.
Findings is the section where you will find all the information for vulnerabilities found in your sites and applications.
As with other sections, the information is divided by sites.
So let's take a look at the wealth of information available to you.
When looking at the list of vulnerabilities, we see the following for each vulnerability found.
Each vulnerability is given a unique vulnerability ID.
Vuln Status shows whether a vulnerability is open or closed.
The Score is a combined score of the severity, threat, and site priority,
and we see the severity of the vulnerability in the next column.
Severity is measured on a scale of 1 to 5 and is a measure of the amount of damage we believe could be done should the vulnerability be exploited.
We'll discuss threat when we drill down further into a specific vulnerability.
The icon under Type indicates whether the vulnerability was found by Sentinel's automated assessment,
illustrated by a computer icon,
or found during the business logic assessment,
illustrated by a green check mark.
The Status shows whether a retest is available,
unavailable, or pending.
If an automatic retest is unavailable,
this is usually because Sentinel is not able to access the site.
We also show the last date tested, date opened,
and date closed for each vulnerability.
Next, we show the class of vulnerability based on the WASC classification.
You then have the site on which the vulnerability appears,
the service level of that site, and Tags, a note you can specify for each vulnerability.
If you wish to have a vulnerability retested,
simply click the checkbox on the far left for each vulnerability to be retested,
then click the Retest Vulnerability button to start the retests.
Automatic retests should complete within 15 to 30 minutes;
manually retested vulnerabilities are generally completed within one business day.
Now let's drill down a little deeper into a specific vulnerability.
First, from this page, if you click the black arrow icon, it will display the open attack vectors found for that vulnerability.
The attack vector shows where on the page
the vulnerability can be found.
Therefore, you can have multiple attack vectors per vulnerability per page on your site.
As with vulnerabilities, each attack vector is given a unique ID.
You can also click on the vulnerability ID to go to the Vulnerability Detail page.
This page gives you the basic information on the vulnerability, providing its class
and how many days the vulnerability has remained open.
On the right side, we have some information on the retestability of the vulnerability as well as the score information.
The score is the sum of the severity, threat, and site priority.
The threat of a vulnerability is also rated on a scale of 1 to 5, and it measures the ease with which a vulnerability can be exploited.
If the threat is high, for example 5, this means the vulnerability is very easy to exploit and can be done with very little knowledge or expertise.
A threat of 1, however, is very difficult to exploit and often requires expertise or intimate knowledge of your company.
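To show how the scoring described above can be put to work on a Findings export, here is a small triage script. This is an added example written for this tutorial, not WhiteHat code and not Sentinel's own export format: the CSV column names, the sample rows, and the use of a plain integer for site priority are all assumptions, and the only rules it takes from the training are that score is the sum of severity, threat and site priority, that severity and threat run from 1 to 5 with threat 5 meaning trivially exploitable, and that a retest status of "unavailable" usually means Sentinel cannot reach the site.

```python
"""Triage helper for a Sentinel-style findings export (added example, not WhiteHat code).

Column names, sample rows and the integer site-priority value are assumed;
the real Sentinel export layout is not documented in this training.
"""
import csv
import io

# Constructed sample export (not real Sentinel data). Column names are assumed.
SAMPLE_EXPORT = """\
vuln_id,status,severity,threat,site_priority,class,site,retest
1001,open,5,5,3,Cross Site Scripting,shop.example.com,available
1002,open,4,1,3,SQL Injection,shop.example.com,unavailable
1003,closed,3,3,2,Information Leakage,blog.example.com,available
1004,open,2,5,2,Directory Indexing,blog.example.com,pending
1005,open,3,3,1,Cross Site Request Forgery,intranet.example.com,available
"""


def validate_rating(value, name):
    """Severity and threat are defined on a 1-5 scale; reject anything else."""
    n = int(value)
    if not 1 <= n <= 5:
        raise ValueError(f"{name} must be 1-5, got {n}")
    return n


def score(severity, threat, site_priority):
    """Score as described in the training: the plain sum of the three ratings."""
    return severity + threat + site_priority


def describe_threat(threat):
    """Ease-of-exploitation wording from the training, keyed on the threat rating."""
    if threat >= 4:
        return "easy to exploit, little expertise needed"
    if threat <= 2:
        return "hard to exploit, needs expertise or insider knowledge"
    return "moderate"


def load_findings(csv_text):
    """Parse the export, validate the 1-5 ratings and attach a computed score."""
    rows = []
    for row in csv.DictReader(io.StringIO(csv_text)):
        sev = validate_rating(row["severity"], "severity")
        thr = validate_rating(row["threat"], "threat")
        pri = int(row["site_priority"])  # assumed: priority exported as an integer
        rows.append({**row, "severity": sev, "threat": thr, "site_priority": pri,
                     "score": score(sev, thr, pri)})
    return rows


def triage(csv_text):
    """Open findings, highest score first; ties broken by threat (easiest to exploit first)."""
    open_rows = [r for r in load_findings(csv_text) if r["status"] == "open"]
    return sorted(open_rows, key=lambda r: (r["score"], r["threat"]), reverse=True)


def retest_candidates(csv_text):
    """Open findings that can be queued for an automatic retest right now.

    'unavailable' usually means Sentinel cannot reach the site, so those need
    a scan-access fix rather than a retest click; 'pending' is already queued.
    """
    return [r["vuln_id"] for r in triage(csv_text) if r["retest"] == "available"]


if __name__ == "__main__":
    for r in triage(SAMPLE_EXPORT):
        print(f'{r["vuln_id"]} score={r["score"]:2d} sev={r["severity"]} thr={r["threat"]} '
              f'{r["class"]} @ {r["site"]} ({describe_threat(r["threat"])})')
    print("retest now:", retest_candidates(SAMPLE_EXPORT))
```

Run against a real Export CSV File download, you would only need to adjust the column names in load_findings; the ordering puts the high-damage, easy-to-exploit findings on reachable sites at the top, which is the order the training's score is meant to produce.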
Here we see the open attack vector information.
This particular vulnerability has
one open attack vector.
For each attack vector we show the last retest, and you can also provide notes per attack vector.
You can also drill down on an attack vector for even more detail,
such as the scanner request, scanner response,
attack vector description, and attack vector notes.
And if you have closed any attack vectors, you will find those here.
The Details and Solution section gives you some information on the vulnerability,
some information on remediating the vulnerability,
and, if available, a proof of concept.
Here our TRC (Threat Research Center) will provide you the necessary information to demonstrate and reproduce the vulnerability.
Finally, we have the Ask a Question tab.
This allows you to ask a question about this specific vulnerability
and have a dialogue with the TRC engineer who worked on it.
All dialogue is then logged here.
You can use this form to ask for additional information
or additional help on a vulnerability.
The Schedules tab provides a summary of the scan schedules and status for all your sites and apps under service.
You can view the sites listed by name
and their respective scan schedules and time zones.
As with the Assets page, we also show you the scan status.
The same is true for the Apps section.
You can view the applications listed by name
and their respective schedule,
time zone, and status.
WhiteHat Sentinel provides various reports, so let's take a look at the Reports section
and the reports available to you.
From the Report Type drop-down, you have eight different reports from which you can choose.
The Executive Summary and Site Summary reports are designed for executive staff
and provide a high-level overview of your sites,
including colorful charts and graphs.
The Vulnerability Detail and Attack Vector Detail reports are designed for developers, providing detailed information on the vulnerabilities
and helping your developers remediate them.
The PCI and Site Security Statement reports are designed more for auditors.
The PCI report provides some guidance on Payment Card Industry standards
and which open vulnerabilities would put you in jeopardy of failing compliance.
The Site Security Statement report provides information on how you are addressing security for your sites and what WhiteHat is doing to help with that.
The Long Running Scans and Completed Scans reports provide information useful to Sentinel administrators to help understand what is happening with the sites regarding automated assessments.
For each of the reports, you will be able to select the sites wanted and then other options specific to the report type.
For the Vulnerability and Attack Vector reports,
you'll be able to narrow the report by vulnerability status,
vulnerability classes, and so forth.
Once you have your options selected, just click Generate Report to get the PDF or CSV file.
The Beta Reports section currently offers seven new beta reports that use a new generation of reporting we are developing
and are in the beta stage right now.
From the My Profile page,
you can control your profile information
as well as do some other account maintenance.
By clicking on Edit,
you can update your personal information such as name,
job title, et cetera.
Here is where you can also specify your email options,
and whether you wish to expose host names.
When you've updated your information, just click on Save Changes.
You can also change your password.
You will need to enter your current password
and confirm your new password before clicking Save Changes.
From this page, you can also add a PGP key, if your mail setup is able to use one, in order to receive encrypted emails from Sentinel.
If you have any questions, please don't hesitate to contact us.
You can reach support by going to https://support.whitehatsec.com and logging in to our Customer Success portal.
You can also send us an email at support@whitehatsec.com or call us at 408-343-8340
during our normal business hours, Monday through Friday, 6 a.m. to 7 p.m. Pacific time.
Thank you for watching.