WhiteSource Announces Support for GitHub Packages, Automates Container Security
WhiteSource can now automatically detect and fix security vulnerability in Docker images and binary packages published to GitHub Packages
TEL AVIV, Israel,ย Nov. 13, 2019ย โย WhiteSource, the leader in open source security and license compliance management, announced today support for GitHub Packages and with it the ability to automate container security.
GitHub customers who publish Docker images and packages to GitHub Packages can now automatically detect open source components with known vulnerabilities withย WhiteSourceโs new GitHub Security Action.
The new workflow enables GitHub customers to get security alerts on Docker images and packages within their GitHub UI, so developers can be notified on vulnerabilities in their applications earlier in the process when it is easier and quicker to fix.
โAutomating Docker image and package vulnerability identification and remediation through GitHub Action and Packages will help developers and enterprises reduce time and resources spent securing their codeโ saidย Jeremy Epling, Senior Director of Product Management at GitHub. โWe are happy to see WhiteSource deliver this solution through the GitHub Marketplace.โ
โGitHub customers can now integrate the scanning of Docker images into their CI/CD pipeline, automating the security of these images and their associated deployed containers,โ said David Habusha, VP Product of WhiteSource, โonce scanned, the results of the scan can then be managed with WhiteSourceโs various industry-leading reporting, policy, and notification options.โ
About Mend.io
Mend.io is a leading application security solution that helps organizations fix less and reduce risk faster. Built for both AI-driven and modern development workflows, Mend.io gives teams visibility into all code โ human-written, AI-generated, open source, third-party and container components โ and helps them prioritize and remediate the risks that matter most.
