Virginia Commonwealth University Enrolls WhiteHat Security and its Application Security Platform to be the Foundation of its Application Vulnerability Management Program

WhiteHat Security announced today that academic institution Virginia Commonwealth University (VCU), has selected WhiteHat Security to keep its complex ecosystem of mission-critical applications secure.

VCU has chosen the WhiteHat Sentinel Source static application security testing (SAST) solution to ensure security is addressed early in the software development lifecycle (SDLC); and the WhiteHat Sentinel Dynamic solution for dynamic application security testing (DAST) to provide continuous vulnerability assessments of VCU’s live websites, ensuring the Richmond-based academic institution remains secure and compliant.

“We had to build our application vulnerability management program from the ground up, and WhiteHat guided us through this process,” said the contract administrator at Virginia Commonwealth University who led this deployment. “Although we’re still in the early stages of deployment, we have already noticed that our application developers are taking a more proactive approach to remediating vulnerabilities found by the WhiteHat platform. Combined with the continuous scanning provided by Sentinel Dynamic, we feel we’re doing everything possible to minimize our windows of exposure to cyber threats.”

VCU is a federated environment, so there is autonomy within departments when it comes to making most IT-related decisions. However, the university’s information security team is responsible for overall security across VCU departments and centers. The increasing pace of cyber attacks, combined with the need to adhere to multiple compliance standards – including FERPA, NIST 800-171, PCI and HIPAA – led VCU’s Infosec team to develop an application vulnerability management program, with application security at its core. The team evaluated a number of appsec vendors through a rigorous process to identify the right solution.

Following the review process, VCU turned to WhiteHat Security’s Application Security Platform, which provides a combination of SAST and DAST services. WhiteHat’s SAST service, Sentinel Source, provides developers with a solution that can quickly and accurately identify security vulnerabilities during the application development process, and provide actionable, prioritized results with custom remediation advice. WhiteHat’s DAST solution, Sentinel Dynamic, continuously scans websites for vulnerabilities, providing automatic detection and assessment of code changes and alerting for newly discovered vulnerabilities. Additionally, unlike alternative offerings, all vulnerability results are verified by WhiteHat’s Threat Research Center (TRC) security experts to remove false positives, and customers have direct support access to TRC engineers through the platform’s “Ask a Question” feature.

With more than 31,000 students and more than 2,200 full time teaching and research faculty members from 13 different schools, the university needed a solution to help them meet compliance and regulatory needs and to enjoy all the benefits of digital transformation without the security headaches.

“We were very impressed with the thoughtful and thorough evaluation process that the VCU team used to determine the right solution for their application vulnerability management program,” commented Matthew Handler, Chief Revenue Officer at WhiteHat Security. “Universities are challenged to secure the business of running the institution, as well as that of meeting many different compliance mandates. We’re delighted and honored that VCU chose WhiteHat Security to help them secure the digital lives of their employees, students and the local population they serve, and to meet the myriad compliance mandates unique to each division across the university.”