WhiteHat Security and Citrix | Solutions Brief

Understanding Application Vulnerabilities with WhiteHat Security

citrix.com/ready

WhiteHat Security and Citrix | Solutions Brief

WhiteHat Security identifies web application vulnerabilities with it’s proprietary scanning technology, WhiteHat Sentinel. The WhiteHat Threat Research Center, an army of highly qualified Application Security Engineers, fully verifies all findings identified by Sentinel. This ensures zero false positives and 100% actionable results. You can prevent malicious users from exploiting any discovered vulnerabilities by using this data to automate rules creation for the Citrix NetScaler Application Firewall. This tight integration reduces the risk to the business by immediately securing the vulnerable web applications.

Traditionally, organizations use web application scanning to discover vulnerabilities, which developers subsequently fix with patches. Relying on scanning alone can cost an organization days or weeks to develop and deploy the patches in production - leaving web applications exposed and vulnerable to attacks if no other counter measures are taken. In cases where codebases are no longer maintained for legacy applications, remediating a discovered vulnerability through traditional means may simply not be possible. The integration of Sentinel with NetScaler provides a rapid response to these situations, making it easier for application developers to stay on track with their Software Development Life Cycle (SDLC), while limiting risk by decreasing an application’s window of exposure.

Combining Citrix NetScaler Application Firewall and WhiteHat Sentinel simplifies the complexity and reduces the risk of error while delivering significant cost reductions, enabling organizations to:

• Reduce the number of resources required to perform web application security tasks by automating the vulnerability assessment of all web applications.

• Take advantage of the elastic WhiteHat cloud platform that removes the burden of installing and maintaining software.

• Streamline collaboration between developers and the organization’s application security stakeholders.

• Perform WebApp scans hosted inside the network or outside of the organization without needing to deploying additional physical or virtual scanners.

• Pinpoint vulnerability locations by both parameter and directory using Sentinel, so NetScaler can assign rules only where necessary - rather than implementing global rules that may block valid web traffic.

2

citrix.com/ready

WhiteHat Security and Citrix | Solutions Brief

Establish a single approach to application vulnerabilities with WhiteHat Sentinel and Citrix NetScaler IntegrationCoordinate your response to vulnerabilities by integrating the Citrix NetScaler Application Firewall integration with WhiteHat and:

• Gain deep insights: scalable and highly automated web application scanning with WhiteHat Security provides insight that increases the Citrix NetScaler Application Firewall level of detection based on the actual vulnerabilities detected.

• Mitigate vulnerabilities with a single click based on WhiteHat pinpoint findings, greatly limiting the chances of alerted false positives.

• Eliminate the need to involve the web application development team in creating a “virtual patch” on the application itself or any underlying system.

• Quickly protect against identified web application vulnerabilities without involving or impacting application development timelines

• Close the exploitation time window by ensuring organizations take the time to create the best application level controls instead of rushing out an untested patch that may cause other problems to the web application.

3

citrix.com/ready

Corporate HeadquartersFort Lauderdale, FL, USA

India Development CenterBangalore, India

Latin America HeadquartersCoral Gables, FL, USA

Silicon Valley HeadquartersSanta Clara, CA, USA

Online Division HeadquartersSanta Barbara, CA, USA

UK Development CenterChalfont, United Kingdom

EMEA HeadquartersSchaffhausen, Switzerland

Pacific HeadquartersHong Kong, China

About Citrix ReadyCitrix Ready identifies recommended solutions that are trusted to enhance the Citrix Delivery Center infrastructure. All products featuredin Citrix Ready have completed verification testing, thereby providing confidence in joint solution compatibility. Leveraging its industryleading alliances and partner eco-system, Citrix Ready showcases select trusted solutions designed to meet a variety of business needs.Through the online catalog and Citrix Ready branding program, you can easily find and build a trusted infrastructure. Citrix Ready not only demonstrates current mutual product compatibility, but through continued industry relationships also ensures future interoperability.Learn more at www.citrix.com/ready.

About WhiteHat SecurityWhiteHat Security is the leading provider of website risk management solutions that protect critical data, ensure compliance and narrow the window of risk. WhiteHat Sentinel, the company’s flagship product family, is the most accurate, complete and cost-effective website vulnerability management solution available.

©2013 Citrix Systems, Inc. All rights reserved. Citrix®, Citrix Receiver™, HDX™, CloudGateway™, XenDesktop®, XenApp™, NetScaler® and XenVault™ are trademarks of Citrix Systems, Inc. and/or one or more of its subsidiaries, and may be registered in the United States Patent and Trademark Office and in other countries. All other trademarks and registered trademarks are property of their respective owners.