WhiteSource Announces First Open Source Risk Management Tool for Android Application Packages
Tool Allows Companies to Analyze Open Source Security of Released Android Applications
[RSA, San Francisco, CA – March 1st 2016] WhiteSource, the real-time open source component management solution, today announced the release of the industry’s first Android Application Package (APK) Analyzer, providing companies using and distributing Android applications a tool to detect known security vulnerabilities and open source licenses.The development enables security, engineering, and legal teams, developing or acquiring Android applications from software vendors, to detect open source components and libraries, as well as to find and mitigate open source security vulnerabilities and licensing issues, all without the need to access the development environment.
“Our new tool represents serious progress in the struggle for better, safer mobile applications because it brings an extra layer of safety and ease of use to the huge market of Android software development”, said Rami Sass, CEO and Co-Founder of WhiteSource. “With this announcement we’ve completely updated an outdated industry-wide business model. For the first time, security and legal teams access a full, comprehensive overview of the open source components in their apps before release, which results in significantly better products that are compliant.”
WhiteSource’s solution provides security, engineering and legal teams with the ability to monitor the open source components used in an application, including security vulnerabilities, the severity of those vulnerabilities, and any licensing issues prior to distribution. It’s a comprehensive, user friendly solution and an industry first enabling a better product for businesses and consumers alike. WhiteSource’s solution is already in use by Better Mobile Security, a leading mobile endpoint technology solution.
“The new WhiteSource Android Analyzer is the best way for us to find open source security issues in released Android applications,” said Better Mobile Security CEO and Co-founder Senai Ahderom.
About Mend.io
Trusted by the world’s leading companies, including IBM, Google, and Capital One, Mend.io’s enterprise suite of application security tools is designed to help you build and manage a mature, proactive AppSec program.
Mend understands the different AppSec requirements of developers and security teams. Unlike other AppSec solutions that force everyone to use a single tool, Mend helps them work in harmony by giving each team different, but complementary, tools—enabling them to stop chasing vulnerabilities and start proactively managing application risk.