4.5 out of 5 (22 Ratings)

21 Verified Reviews


Excellent and Versatile Functionality and Amazing Customer Service

The vendor has great. They are an excellent provider of a a SAAS based solution for Application Security.


Much cheaper and easier than funding an FTE for WebAppSec testing.

They are pretty responsive and I don't have to worry about keeping a WebAppSec pro on staff.


WhiteHat provides incredible customer service and great subject matter!

Very reliable, strong customer commitment, quick to respond.


Good service providing effective analysis; very easy to set up and maintain

The original onboarding process was handled very efficiently by WhiteHat and they explained in an appropriate level of detail how the service worked and how to use the portal. The service has been effective in identifying areas within our application where we have had issues we needed to address. Support has been good and on-boarding of subsequent extensions to our original scope has been handled well.


Up and down struggles, dedicated to improvements

There have been significant struggles at the company. During this, they have tried to maintain continuity, but the direction and stability has been rocky. We opt to stay with WH because we now have an established longish-term relationship and dedicated account persons are making serious efforts to keep us happy. One of the biggest issues we've had is the flexibility of the DAST to be customized for our specific needs. Self-servicing is not a strong point, but WH is certainly giving it a try to improve. Another has been the high turnover rate which has effected But it is worth reiterating that WH is seriously making the effort to maintain relationships by customizing as many solution points as possible.

Sentinel, Sentinel Source

WhiteHat in a contractor-centric enviornment

WhiteHat has been a good partner. They have always put resources when needed at our disposal, and continue to remain engaged in our code security efforts. Their static analysis tool has come very far from when I first reviewed it, and I consider it to be on par with other SaaS based static tools (to be fair, the very best results come from a fully tuned, on-premises tool). They do tend to push for more enhanced scanning levels, which of course comes with a cost increase, but they do not question a decision once made, and fully support the process. The technical resources they have put forth are always on point. They're good at what they do, or at a minimum, very well prepared. Integration is easy as they have a pretty well-featured API. We are able to automatically dump vulnerabilities to our tool of choice, which is important as we work in a very contractor-centric environment (on the development side). On the sales/renewal side, they work well with our processes, always putting needed resources at our disposal. We always work together at that time to ensure that our renewal is correctly sized to cover our existing needs and cover us for the future. We don't have much "waste" (unneeded scans) with our purchase, and much of this is due to the hard work WhiteHat puts into it along with our teams. I would like to collect better metrics. Their built-in reports are good, but I'd like to be able to dump everything into a single file and manipulate it myself which is sometimes cumbersome.


Continuous DAST assessments that scale well.

We have implemented a Web Application Vulnerability Management Program around the service WhiteHat provides. The program’s scope is our Internet facing, production web applications. WhiteHat's SaaS allows us run continuous DAST assessments against hundreds of applications utilizing a single FTE. They provide a good service that scales extremely well. Their support organization is friendly and easy to work with. WhiteHat's API allows us bring their vulnerability data into our aggregation tool, merge it with asset inventory data, and feed it into our downstream vulnerability management processes.


Solid cloud-based application security testing provider.

Ease of implementation and use. Solid dashboard reporting.


Smooth process from implementation through operations.

WhiteHat has proven to be committed to their customer's success. Their management team strives to ensure customer satisfaction, their on-boarding team is efficient and very helpful, and their Threat Research Center (TRC) is excellent in explaining scanning results/issues. They are helpful in ensuring that customer's get the most benefit from their service.


Fast easy implementation, Great at finding critical vulnerabilities quickly

On-boarding team was strong and driven for us to succeed. Willing to help us learn while managing the implementation. Startup/entry was easy and stright forward and we were "up and running" with starting reports in just a few days.