WhiteSource Launches “WhiteSource for Developers”, Enabling Developers to Code Faster and More Securely
WhiteSource, the leader in open source security and license compliance management, announced today the launch of “WhiteSource for Developers”. The new offering is designed specifically to make developers’ lives simpler when working with open source, enabling them to code faster and more securely. WhiteSource for Developers natively and frictionlessly integrates to developers’ environments (browsers, IDEs, and repositories), offering developers the information they need, when they need it, and where they need it.
By enabling developers to choose better open source components from the start, detect vulnerable or problematic components in early stages of development (IDEs and repositories), and speed up the remediation process through automation, WhiteSource for Developers will allow developers to “shift left” open source security and compliance management.
“WhiteSource for Developers” is a paid bundle that augments the WhiteSource Core offering and includes four new capabilities: WhiteSource Remediate, which continuously tracks repositories to identify vulnerable open source components and generate fix pull requests (PR) thus automating the remediation process; IDE Integrations, which alert developers while coding to vulnerable open source components within the IDE UI so they don’t have to switch between applications or wait until they’ve committed the code; Repos Integrations, which continuously detects all open source components in the user’s repos, checks on every change for vulnerable or non-compliant components, sends alerts within the repo UI and utilizes the repository’s workflows; and Browser Integration, a Chrome extension that allows developers to view a snapshot of a component’s details while browsing on web pages such as StackOverflow, Maven Central, GitHub and many more before they download it and incorporate it into the product.
By bundling these four capabilities together, WhiteSource enables software developers and their companies and organizations to more quickly adapt to today’s ever-evolving open source security environment, equipping them with the tools they need to work at the speed of business.
“WhiteSource for Developers was built with the sole purpose of allowing developers working with open source code do their jobs more effectively and efficiently by prioritizing what matters most to them: delivering the right information at the right time and in the right environment,” said David Habusha, VP Product of WhiteSource. “As a company built by developers, we are very proud to introduce this new offering, which we truly believe will be a game-changer for every developer who works with open source components.
About Mend.io
Trusted by the world’s leading companies, including IBM, Google, and Comcast, Mend.io offers a full-spectrum application security platform designed to help leading organizations build and manage mature AppSec programs, enabling them to stop chasing vulnerabilities and start proactively managing application risk.