"WhiteSource empowers businesses to develop better software by harnessing the power of open source."
We integrate with your CI servers, build tools and repositories to detect all open source components in your software, without ever scanning your code. It provides you with real-time alerts on vulnerable or problematic components, generates comprehensive up-to-date reports in one-click and enables you to streamline your entire open source management process with automated policies.
Get Real-Time Alerts on Security Vulnerabilities
WhiteSource will alert you in real-time whenever a vulnerable open source component is added to your build or when a vulnerability is discovered in a component already used in your software. You will also be alerted on severe software bugs, problematic licenses (according to your pre-defined policies), new versions and available fixes.
Shift Left Your Open Source Management
WhiteSource integrates with your GitHub repository and JFrog Artifactory to detect all problematic open source components as soon as they’re added, so you can find and fix issues even before you run a build.
WhiteSource also offers a browser plug-in which displays information on open source components, while you’re searching online repositories (like NuGet). This tool helps developers choose better components by displaying license information, quality rating, and security vulnerabilities, while also showing whether it meets their company’s policy before they even download it.
Automated Your Open Source Approval Process
Define your company’s open source policy to automatically approve, reject or ask for approval, on the basis of each component’s license, vulnerabilities, severe software bugs, # of newer versions and more
Generate Comprehensive Reports in One-Click
WhiteSource analyzes your open source usage every time you run your build. Therefore, in one click you can generate a full and accurate inventory report based on your last build. There is a wide range of additional automated reports like security vulnerability, software bugs, due diligence and many more. All reports can be exported and shares with other teams in your organization.
|The score for this service has improved over the past month. What is this?|