Welcome to White Out Security's Sentinel training for viewers.
In this tutorial, we will cover the following sections of the Sentinel interface
under the summary tab. In the update section, we show you any recent or upcoming changes to the saddle interface or service,
including dates and links to related articles.
Be sure to check here occasionally
and in the system maintenance section.
Here is where we will communicate any scheduled or emergency maintenance announcements, including start times and expected duration.
Please note. In the event of an emergency maintenance bulletin,
this section will become the default landing page when logging into sentinel
to make sure you don't miss it,
the asset section shows you these sites and applications under contract for sentinel service
sites. Are those applications using our dad asked or dynamic application security testing solutions
while APS are those applications using our SAS TTE or static application Security testing Solutions.
Let's focus on sites first
on the Sites tab, you'll see a list of sites by sight name.
For each site, you will see the service level.
This could be our baseline standard
premium or pre launch additions
the next column will display the number of open vulnerabilities for that site.
The scan schedule and Time zone columns will show the schedule and time zone for each site.
Von Data provides a quick link to the vulnerability detail report for that site,
status provides an icon based summary on the overall health of your scans.
Using a stoplight analogy,
A status with a green icon
indicates everything is good to go
and the site is either being scanned or his paws is dictated by the schedule.
A yellow icon indicates configuration is being done on the white hat side,
and scanning will resume once to configuration is complete.
A red icon indicates we are missing something to scan your sight.
That being either a scan schedule
or Valli credentials,
you can also click on the legend status icons
for more information on the individual icons and their meanings.
You know also have the option to export this page to a C s fi file by using the export C. S. V file link,
allowing you to view this information in excel
or other program of your choice.
Now let's take a look at the AP stab
similar to the sites tab.
This section will list all your sentinel source applications currently under service
under application name.
You will see both the name and language of your application.
Total findings will provide the count of open vulnerabilities for your application.
The phone data provides a quick link to the vulnerability report for the application,
and lastly, the compliance section will show if the application is currently in PC I. Compliance or not,
this is a bit more complicated to discuss than the scope of this training module, so it will be explained in more detail at a later time.
And as before, you can filter your results.
Under the group's tab,
you will see a list of all groups you've created.
Groups are a good way to easily assign access to team members for just the sights and APS they need to see.
As you can see in this example,
we have a group for our production sites and one for our pre production sites.
When I create a new user, that's part of my production team.
I can just add him or her to the group,
and they will then have access to all sites and APS in that group.
It definitely beats having to add a site, are apt to user on a one by one basis.
In our previous tutorial, we covered the basics of the assets tab.
Now we're going to drill down a little deeper into what you can access per site or per app.
First, let's click on one of our sites here.
We now see we have some additional functions we can access as well as additional information.
In the overview section, we summarize various information about your sight, including site, name,
service level and more.
In this section, I want to draw your attention to the Link Information Area.
As we call your sight,
we will find more and more pages.
We provide you a list of the pages tested in the current scan
as well as the last completed scan.
These will be links you can click on to see the list.
We also show you the primary host name and any associated host names for your site
and on the far right,
we show you the priority set for your site as well as the global and industry ranks.
These ranks give you an idea of how your sight compares
to other sites scanned by White House security
site. Findings will take you to the findings information for just this site.
Now let's go back to the AP stab
and drill down on one of our applications.
Here. You will find some information regarding your application,
such as application name,
As with the site section, you can click on AP findings to see the vulnerabilities for this specific application
findings is the section where you will find all the information for vulnerabilities found in your sights and applications.
As with other sections, the information is divided by sites, APS and groups.
So let's take a look at the wealth of information available to you
When looking at the list of vulnerabilities,
we see the following. For each vulnerability found.
Each vulnerability is given a unique vulnerability. I D
phone status will show if a vulnerability is open or closed.
The score is a combined score of the severity, threat and site priority,
and we see the severity of the vulnerability in the next column.
The severity is measured on a scale of 1 to 5 and is a measurement of the amount of damage we believe could be done. Should the vulnerability be exploited.
We'll discuss threat when we drill down further into a specific vulnerability.
We also show the last day tested, date open and date closed for a vulnerability.
Next, we show the class of vulnerability based on the last two classifications.
You then have the site on which the vulnerability appears
the service level of that site
and tags the notes You can specify for each vulnerability.
Now let's drill down a little deeper into a specific vulnerability.
from this page, if you click the Black Arrow icon,
this will then display the open attack vectors found. For that vulnerability.
The attack vector shows where on the page the vulnerability can be found. Therefore,
you can have multiple attack vectors per vulnerability
per page on your site.
As with the vulnerabilities, each attack vector is given a unique I. D.
You can also click on the vulnerability I D to go to the Vulnerability detail page.
This page gives you the basic information on the vulnerability providing its Class
how many days the vulnerability has remained open
on the right side. We have some information on the retest ability of the phone ability
as well as the score information.
As stated previously, the score is the sum of the severity,
threat and site priority.
The threat of vulnerability is also rated on a scale of 1 to 5,
and it measures the ease of which a vulnerability can be exploited
if the threat is high. For example, five.
This means the vulnerability is very easy to exploit
and could be done with very little knowledge or expertise.
A threat of one, however, is very difficult to exploit and either requires expertise or intimate knowledge of your company.
Here we see the open attack vector information.
This particular vulnerability has one open attack vector.
and you can also provide any notes per attack vector.
You can also drill down for attack Victor for even more detail, such as the scanner, request,
attack vector description
and attack Victor notes.
And if you have any closed attack vectors,
you will find those here.
The details and Solution section will give you some information on the vulnerability, including references,
some information on remediating the vulnerability
Where are TRC will provide you the necessary information to demonstrate and reproduce the vulnerability?
Finally, we have the ask a question tab.
This allows you to ask a question about this specific vulnerability
and have a dialogue with the TRC engineer
who worked on this vulnerability.
All dialogue is then logged here.
You can use this form to ask for additional information
or additional help on a vulnerability.
The schedules TAP provides a summary of the scan schedules and status for all your sights and APS under service.
For sites, you can view the sites listed by name
and the respective scan schedule
As with the Assets page, we also show you the scan status.
The same is true for the apse section.
You can view the sites listed by name
and the respective schedule,
time zone and status.
White Hat Sentinel provides various reports, so let's take a look at the report section
and the reports available to you
from the report type drop down. You have eight different reports from which you can choose
the executive summary and site. Summer reports are designed for executive staff
and provide a high level overview of your sites, including colorful charts and graphs,
the Vulnerability detail and Attack Vector. Detailed reports are designed for developers providing detailed information on the vulnerabilities,
helping your developers re mediate open vulnerabilities.
The P C I and site security statement reports are designed more for auditors.
The PC I report provides some guidance with payment card industry standards
and which opened vulnerabilities would put you in jeopardy of failing compliance.
The Science Security Statement report provides information on how you are addressing security for your sights and what White Hat is doing to help with that.
The long running scans and completed scans reports provide information useful to sentinel administrators to help understand what is happening with the sights regarding automated assessments.
For each of the reports, you will be able to select the sights wanted and then other options specific to the report type
For the vulnerability and Attack Vector reports,
you'll be able to narrow the report by vulnerability, status, vulnerability classes and so forth.
Once you have your options selected, just click Generate Report to get the PDF or C S v file.
The Beta reports currently offer seven new baby reports that use a new generation of reports we are developing
and are in the beta stage right now.
From the My Profile page, you can control your profile information
as well as do some other account maintenance.
By clicking on edit,
you can update your personal information such as name
John, title, et cetera.
Here is where you can also specify your email options,
and if you wish to expose host names
when you've updated your information, just click on save changes.
You can also change your password.
You will need to enter your current password
and confirm your new password before clicking. Save changes
from this page. You can also add a P G. Peaky. If you're male, Super isn't able to do so
in order to receive secure emails from Sentinel.
If you have any questions, please don't hesitate to contact us.
You can re support, but going to https, colon slash slash support dot white hat sec dot com and logging in to our customers Success portal.
You can also send us an email to support at white hat sec dot com
or call us at 4083438340 during our normal business hours Monday through Friday. 6 a.m. to 7 p.m. Pacific time. Thank you for watching