An on-premise Software Composition Analysis solution using automated scans to help organizations understand their license compliance and security vulnerability exposure to open source packages. FlexNet Code Insight easily provides users with a Software Bill of Materials from across the software supply chain and offers continuous monitoring of assets, proactive vulnerability alerts, and recommended remediation actions. The solution helps development teams deliver secure products to customers while protecting IP and avoiding reputation-damaging litigation.
About WhiteSource
WhiteSource is the leading solution for agile open source security and license compliance management.
It integrates with your development environments and DevOps pipeline to detect open source libraries with security or compliance issues in real-time.
WhiteSource doesn’t only alert on issues; it also provides actionable, validated remediation paths to enable quick resolution and automated policy enforcement to speed up time-to-fix. It also helps you focus on what matters by prioritizing remediation based on whether your code is actually using a vulnerable method or not, and guaranteeing zero false positives.
We've got you covered with support for over 200 programming languages, and continuous tracking of multiple open source vulnerability databases including the NVD, security advisories, peer-reviewed vulnerability knowledge bases, and open source project issue trackers.
Features
API
Data Export
Data Import
External Integrations
History/Version Control
Multi-User
Notifications
Project Management
Task Scheduling/Tracking
Bug Tracking
Developer Tools
Access Management
Release Management
Test Management
Features
API
Data Export
Data Import
External Integrations
History/Version Control
Multi-User
Notifications
Project Management
Task Scheduling/Tracking
Bug Tracking
Developer Tools
Access Management
Release Management
Test Management
Summary
Inventory items are created manually by an analyst, automatically by the code scanner, imported from external data, or copied from another project.
Inventory items are optionally reviewed for completeness based on your inventory confidence. This is accomplished through the Analysis Workbench and Project Inventory Page in FlexNet Code Insight.
Inventory items are reviewed automatically through established policies or manually using review tasks.
Inventory items are remediated to address open tasks related to compliance and technical debt. Remediation is tracked through remediation tasks.
Inventory items are considered complete when they have been reviewed and there are no open alerts or tasks.
Summary
No key features associated with this application.
Pricing
1-50 Contributing Developers
$4,000.00
Included in plan:
Plans include unlimited plugins and up to 3 languages.
WhiteSource for Developer
FAQs
Who are the main user groups of this service?
VP/Dir/Mgrs of Software Engineering/Software Development, Security professionals including CISO and VPs, General Counsel and IP attorneys.
What platforms does this service support?
On-Premise
Does this service offer an API?
Yes
Does this service offer guides, tutorials and/or customer support?
Yes
What are some applications this service is commonly used in tandem with?
Various Build, CI/CD, SCM, and IDE integrations including but not limited to: Eclipse, Visual Studio, Maven, MSBuild, Jenkins, Azure, GitLab, TFS, Perforce, Docker, JFrog, Bamboo, Gradle, git, BitBucket, TeamCity, and others.
Does this service integrate with any other apps?
Yes
What is this service generally used for?
Software engineering, security and compliance teams at software supplier companies needing to manage open source through continuous, automated analysis. Companies preferring an on-premise solution that focuses on security and compliance.
Does this service offer multi-user capability (e.g. teams)?