Reducing Enterprise Application Security Risks: More Work Needs to Be Done
Whitesource Ponemon Research Report: "Reducing Enterprise Application Security Risks"
Read about application security, DevSecOps, license compliance, supply chain security, and malicious packages.
The software world is alive with talk of shifting left – but what does it really mean? Theoretically, it means shifting responsibility for security & compliance to developers. In practice, it largely means enriching CI/CD processes to detect problematic licenses & vulnerabilities before they reach the main branch or production. Shiri Arad Ivtsan, Director of Product Management at WhiteSource, will discuss...
Encompassing over two-thirds of the average commercial software, open source has become an essential part of modern software development. Undermanaging the consumption and redistribution of open source exposes the enterprise to extensive legal and security risks and is no longer a viable option. Having an effective open source compliance program is a key differentiator marking industry-leading...
How to set up and implement an open source strategy that will ensure open source security and compliance.
All about Eclipse SW360 - an application that helps manage the bill of materials — and its main features.
Why you shouldn't track open source components usage manually and what is the correct way to do it.
Software Composition Analysis software helps manage your open source components. Here are 7 questions you should ask before buying an SCA solution.
While open source licenses are free, they still come with a set of terms & conditions that users must abide by. Read why license compatibility is a major concern.
It’s a fact: software development teams are constantly bombarded with an increasingly high number of security alerts. Since fixing all vulnerabilities is unrealistic, it’s imperative that teams find a method to zero in on the security vulnerabilities that matter. The key: prioritization. But, there’s a big question: Which is the best way to prioritize? There...
What is an open source attribution report? Who needs it and why? And most importantly: what's the easiest way to produce one?
Read our July open source vulnerabilities snapshot, your monthly overview of everything new in the fast-paced world of open source security vulnerabilities.
An open source audit by a certified auditor identifies your open source inventory and gives you an analysis of licence compliance and security vulnerabilities.
Learn how to be better prepared for GDPR by adopting the right tools and getting on the right side of regulation easier, while building great software and serving customers.
Open source analysis gives you visibility into your open source code and allows you to manage your open source components.
WhiteSource’s Annual Report on The State of Open Source Security Vulnerabilities in 2020 found that a record-breaking number of new open source security vulnerabilities were published in 2019. In our research, we focused on open source security’s weakest and strongest points in the hopes of bringing some clarity to the fast-paced and complex space...
Open source is becoming indispensable to businesses and its usage continuously rises. The reasons why are clear: open source components are free, stable, and enable you to focus your resources on...
Open source security, once viewed as an oxymoron, has come into its own as a way for organizations to secure their environments without breaking their bank. As a result, a plethora of open source security technologies have flooded the market, creating more opportunity as well as challenges and a healthy dose of confusion. The webinar...
Open Source has become the key building block for application development in today’s market, where companies are under constant pressure to accelerate time to market. The increasing adoption of open source components, however, has introduced new security challenges that most teams are not prepared to mitigate in their current posture. Join the industry expert, at...
Open-source components are prevalent in approximately 97% of modern applications and dominate anywhere between 60-80% of their codebases. This is hardly surprising given how integrating open source accelerates software development and enables organizations to keep up with today’s frantic release pace and standards of constantly supplying new features and improvements. However, taking into consideration the...
Celebrating Valentine's with a shout-out to Kubernetes, Ansible, Django, Apache Cassandra, TensorFlow, and more open source projects that we love
The days when financial institutions relied solely on proprietary code are over. Today, even the largest financial services firms have realized the benefits of using open source technology to build powerful, innovative applications at a reduced time-to-market. However, the financial services industry faces strict regulatory requirements that present it with a unique set of challenges,...
Over the past few years, open source has grown in popularity especially among developers using open source code in their application development efforts. In the security space, however, open source hasn’t been as widely embraced, mostly because of concerns over vulnerabilities. But is open source software really less secure?
Join us for a webinar featuring Forrester VP and Research Director Amy DeMartine to learn more about why open source security has become critical for securing modern applications, the main considerations when evaluating an open source security and license compliance solution and what she sees in store for the future. Additionally, WhiteSource Senior Director of...
So your organization finally made the important decision of implementing an open source management solution. Now what? How do you choose from the array of technologies and tools around?
Last week The Forrester Wave™: Software Composition Analysis, Q2 2019 was published. We took part in a MediaOps panel discussion to discuss the results of the report and which SCA vendors are right for software development and security teams and their needs.
It is no secret – open source has become the main building block in modern applications, and it is almost impossible to develop software at today’s pace without it. However, as the open source community grows, and the number of reported vulnerabilities keeps climbing, manually verifying the security and compliance of open source components can...
It’s no secret that open source components form the backbone of today’s software, comprising between 60-80% of modern applications. But with this, comes the alarming rise in open source vulnerabilities – more than 3,500 open source vulnerabilities were reported in 2017 – that’s 60% higher than the previous year, and the trend continued in 2018....
You don’t need an expert to tell you that open source software will be ubiquitous in the enterprise in 2019. You also don’t need an expert to tell you that this will present security challenges either. But what can you do in 2019 to ensure your open source software is as secure as you can...
According to the latest open source security research report from WhiteSource, “The State of Open Source Vulnerabilities Management” for 2018, almost 97% of developers rely upon open source components in order to develop their applications nowadays. But with the recent spike in disclosed open source vulnerabilities, the question arises whether security and development teams have...
Which company’s GitHub users are the most active contributors when it comes to the top open source languages?
If you are having a tough time thinking of that perfect gift for your developers, then this list is for you.
As the date when the EU's GDPR (General Data Protection Regulation) goes into effect approaches, many organizations in the EU and outside of it need to assess their readiness and get into gear to...
In this webinar we learn how to address any open source security concerns within your organization, understand the difference between securing your open source components and your proprietary code,
Open source has become central in how companies develop software products as it dramatically reduces time to market. The surprising thing is that, despite its high usage and popularity, many...
Rami Sass, Co-Founder at WhiteSource presented how you can use Jenkins latest integration with WhiteSource to fully monitor and control all open source licenses, including dependencies.
Join Corregan Brown, co-founder of ProjectLocker, and Rami Sass, co-founder of WhiteSource, to learn about the benefits of cloud-based development and how to best manage the use of open source.