WhiteSource, the leader in continuous open source security and license compliance management, announced today the launch of its Contextual Pattern Matching (CPM) Engine. The patent-pending technology, enhances capabilities for pinpoint accuracy in detection and association of source files to source libraries.
The CPM Engine for open source component detection and association automatically matches source files to open source libraries faster and more accurately than previous generation solutions.
The process of accurately detecting and associating source files to source libraries has been an ongoing challenge for Software Composition Analysis (SCA) solutions. WhiteSource has been evolving its detection capabilities, using diverse factors like: multiple hashes, file metadata, full dependency resolution or package manifests, to provide best-in-class detection. The new engine's CPM capabilities improves accuracy levels even further, reducing sensitivity to local files edits, copying files between different systems, and various minor changes.
Customers that have upgraded to the new engine reported experiencing a substantial boost to productivity due to WhiteSource's quicker and more accurate process. Preliminary analysis of the new engine shows an overall 80% improvement in associating source files accurately to source libraries, resulting in a fully automated process for detecting open source components in real-time.
In addition, the CPM Engine is the first programming language agnostic matching engine, which supports more than 200 different programming languages out of the box.
“The CPM engine technology powering the WhiteSource open source management solution will enable our customers to take their open source vulnerability, licensing, and quality management to the next level,” said David Habusha, VP Product at WhiteSource. “Our state of the art technology covers even more open source files and boosts file detection and accurate association to open source libraries, providing faster and more precise results.”
