4.5 out of 5 (22 Ratings)
Jan 3, 2017
The vendor has great. They are an excellent provider of a a SAAS based solution for Application Security.
Dec 12, 2016
They are pretty responsive and I don't have to worry about keeping a WebAppSec pro on staff.
Dec 7, 2016
Very reliable, strong customer commitment, quick to respond.
Nov 30, 2016
The original onboarding process was handled very efficiently by WhiteHat and they explained in an appropriate level of detail how the service worked and how to use the portal. The service has been effective in identifying areas within our application where we have had issues we needed to address. Support has been good and on-boarding of subsequent extensions to our original scope has been handled well.
Nov 29, 2016
There have been significant struggles at the company. During this, they have tried to maintain continuity, but the direction and stability has been rocky. We opt to stay with WH because we now have an established longish-term relationship and dedicated account persons are making serious efforts to keep us happy. One of the biggest issues we've had is the flexibility of the DAST to be customized for our specific needs. Self-servicing is not a strong point, but WH is certainly giving it a try to improve. Another has been the high turnover rate which has effected But it is worth reiterating that WH is seriously making the effort to maintain relationships by customizing as many solution points as possible.
Nov 29, 2016
WhiteHat has been a good partner. They have always put resources when needed at our disposal, and continue to remain engaged in our code security efforts. Their static analysis tool has come very far from when I first reviewed it, and I consider it to be on par with other SaaS based static tools (to be fair, the very best results come from a fully tuned, on-premises tool). They do tend to push for more enhanced scanning levels, which of course comes with a cost increase, but they do not question a decision once made, and fully support the process. The technical resources they have put forth are always on point. They're good at what they do, or at a minimum, very well prepared. Integration is easy as they have a pretty well-featured API. We are able to automatically dump vulnerabilities to our tool of choice, which is important as we work in a very contractor-centric environment (on the development side). On the sales/renewal side, they work well with our processes, always putting needed resources at our disposal. We always work together at that time to ensure that our renewal is correctly sized to cover our existing needs and cover us for the future. We don't have much "waste" (unneeded scans) with our purchase, and much of this is due to the hard work WhiteHat puts into it along with our teams. I would like to collect better metrics. Their built-in reports are good, but I'd like to be able to dump everything into a single file and manipulate it myself which is sometimes cumbersome.
Nov 29, 2016
We have implemented a Web Application Vulnerability Management Program around the service WhiteHat provides. The program’s scope is our Internet facing, production web applications. WhiteHat's SaaS allows us run continuous DAST assessments against hundreds of applications utilizing a single FTE. They provide a good service that scales extremely well. Their support organization is friendly and easy to work with. WhiteHat's API allows us bring their vulnerability data into our aggregation tool, merge it with asset inventory data, and feed it into our downstream vulnerability management processes.
Nov 21, 2016
Ease of implementation and use. Solid dashboard reporting.
Nov 21, 2016
WhiteHat has proven to be committed to their customer's success. Their management team strives to ensure customer satisfaction, their on-boarding team is efficient and very helpful, and their Threat Research Center (TRC) is excellent in explaining scanning results/issues. They are helpful in ensuring that customer's get the most benefit from their service.
Nov 14, 2016
On-boarding team was strong and driven for us to succeed. Willing to help us learn while managing the implementation. Startup/entry was easy and stright forward and we were "up and running" with starting reports in just a few days.