WhiteSource
WhiteSource rebrands as Mend to focus on the prevention of application security issues
WhiteSource announced the change of its name to Mend. The company is also launching an automated remediation for custom code security issues as well as integration of Mend …
WhiteSource releases free tool to detect and remediate Spring4Shell vulnerability
WhiteSource launched WhiteSource Spring4Shell Detect, a free command-line interface (CLI) tool that quickly scans projects to find vulnerable open source libraries for …
WhiteSource acquires DefenseCode and Xanitizer to enter into the SAST market
WhiteSource announced the company’s expansion into custom code security following two recent acquisitions and the availability of its static application security testing …
How threat actors are using npm to launch attacks
WhiteSource released a threat report based on malicious activity found in npm, the most popular JavaScript package manager used by developers worldwide. The report is based on …
WhiteSource for Azure Repos scans open source code for security vulnerabilities
WhiteSource released an Azure DevOps repository integration, allowing Azure DevOps users to detect all open source components and automatically enforce security policies …
WhiteSource Log4j Detect scans projects to find vulnerable Log4j versions
WhiteSource launched WhiteSource Log4j Detect, a free command-line interface (CLI) tool to help organizations quickly detect and remediate the Log4j vulnerabilities …
WhiteSource SBOM helps developers to protect the software supply chain
In an effort to help developers meet new governmental regulations for protecting the software supply chain, WhiteSource released WhiteSource SBOM, a new tool that creates a …
Regulation fatigue: A challenge to shift processes left
Recent high-profile supply chain attacks have heightened the need for increased regulation of the open-source community. In the U.S., for example, President Biden’s …
WhiteSource Cure accelerates the delivery of secure software at scale
WhiteSource released WhiteSource Cure, an auto-remediation application designed for custom code. This pioneering release enables organizations to accelerate the delivery of …
Few security pros believe their organizations have reached full DevSecOps maturity
20% of security professionals described their organizations’ DevSecOps practices as “mature”, while 62% said they are improving practices and 18% as “immature”, a WhiteSource …
Fixing all vulnerabilities is unrealistic, you need to zero in on what matters
As technology constantly advances, software development teams are bombarded with security alerts at an increasing rate. This has made it nearly impossible to remediate every …
Number of open source vulnerabilities surged in 2019
The number of disclosed open source software vulnerabilities in 2019 reached over 6000, up from just over 4,000 in 2018, a new WhiteSource report says. “This can be …