WhiteSource Joins OASIS's Static Analysis Standards Technical Committee

WhiteSource, the leader in continuous open source security and license compliance management, announced today that it has joined the Organization for the Advancement of Structured Information Standards (OASIS) as a member.

The international consortium is one of the leading organizations driving the development and adoption of open standards in the technology sector, counting market leaders and governments among its members.

By joining OASIS, WhiteSource seeks to bring its vast experience and insights in the management of open source software vulnerabilities, helping to guide the organization's approach to the setting of standards for the industry.

As part of the membership, WhiteSource's Director of R&D Innovation Dr. Aharon Abadi will represent the company on OASIS's Static Analysis Results Interchange Format (SARIF) technical committee.

“By joining SARIF, WhiteSource will be able to take a proactive role in ensuring that the standards are created to prioritize open source security, integrating our understanding of how effective usage analysis affects vulnerability management to help drive the conversation in the industry forward,” says Dr. Abadi in his statement.

Dr. Abadi believes that by becoming a participant on the technical committee along with other significant actors in the software security markets including Microsoft, FireEye, and CA Technologies, WhiteSource will be able to influence the direction of standards creation at a significantly larger scale, introducing fresh approaches for prioritization and remediation of vulnerabilities in open source components.

A particular focus for Dr. Abadi will be his research on effective usage analysis on open source vulnerabilities that has been proven to reduce the scope of alerts by over 70%. Dr. Abadi hopes that by integrating WhiteSource's innovative approach to understanding how open source components are in fact being used by proprietary software, SARIF will be able to reshape the standards for prioritizing remediations throughout the software industry.
