WhiteSource for Developers Debuts
May 15, 2019
for Developers is designed specifically to make developers' lives
simpler when working with open source, enabling them to code faster and
more securely. WhiteSource for Developers natively and frictionlessly
integrates to developers' environments (browsers, IDEs, and
repositories), offering developers the information they need, when they
need it, and where they need it.
By enabling developers to choose better open source components from the
start, detect vulnerable or problematic components in early stages of
development (IDEs and repositories), and speed up the remediation
process through automation, WhiteSource for Developers will allow
developers to "shift left" open source security and compliance
"WhiteSource for Developers" is a paid bundle that augments the
WhiteSource Core offering and includes four new capabilities:
WhiteSource Remediate, which continuously tracks repositories to
identify vulnerable open source components and generate fix pull
requests (PR) thus automating the remediation process; IDE Integrations,
which alert developers while coding to vulnerable open source components
within the IDE UI so they don't have to switch between applications or
wait until they've committed the code; Repos Integrations, which
continuously detects all open source components in the user's repos,
checks on every change for vulnerable or non-compliant components, sends
alerts within the repo UI and utilizes the repository's workflows; and
Browser Integration, a Chrome extension that allows developers to view a
snapshot of a component's details while browsing on web pages such as
StackOverflow, Maven Central, GitHub and many more before they download
it and incorporate it into the product.
bundling these four capabilities together, WhiteSource enables software
developers and their companies and organizations to more quickly adapt
to today's ever-evolving open source security environment, equipping
them with the tools they need to work at the speed of business.
"WhiteSource for Developers was built with the sole purpose of allowing
developers working with open source code do their jobs more effectively
and efficiently by prioritizing what matters most to them: delivering
the right information at the right time and in the right environment,"
said David Habusha, VP Product of WhiteSource. "As a company built by
developers, we are very proud to introduce this new offering, which we
truly believe will be a game-changer for every developer who works with
open source components."