How to Create a SPDX SBOM Using WhiteSource
In this short video, we will demonstrate how to create an NTIA compliant Software Bill of Materials for applications that have been scanned using WhiteSource.
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
New Log4j Vulnerability CVE-2021-44228: Info and Remediation
A newly published critical vulnerability in Apache’s widely popular Log4j Java library, CVE-2021-44228 (CVSS score 10) was published over the weekend, causing a lot of concern.
Azure DevOps Repository Integration
Are you using Azure DevOps Repositories? WhiteSource can integrate with your source control and quickly detect open source artifacts and their known vulnerabilities and licensing risks. WhiteSource also provides all the information you need to fix these artifacts automatically.
How to Make Your Vulnerability Management Metrics Count
Software development organizations are investing more and more resources in their vulnerability management programs. According to Gartner’s forecast, in 2021 enterprise security spending was expected to break records and grow 12.4% to reach 150.4 billion. But how do organizations know if they’re spending their security resources wisely? The answer can only be found by crunching the numbers.
Unified Agent - Local Scanning
This is the first video in a series describing how the WhiteSource Unified agent can be used to detect open source artifacts and their known vulnerabilities and licensing risks. This video will focus on performing a scan on a user's local desktop.
Unified Agent - CI-CD Scanning | Azure DevOps
This is the second video in a series describing how the WhiteSource Unified agent can be used to detect open source artifacts and their known vulnerabilities and licensing risks. This video will focus on performing a scan within a CI-CD pipeline such as Azure DevOps.
Unified Agent - PreBuilt Docker Image
This is the third video in a series describing how the WhiteSource Unified agent can be used to detect open source artifacts and their known vulnerabilities and licensing risks. This video will focus on performing a scan with a prebuilt docker image that contains the unified agent and specific versions of each package manager.
Unified Agent - WhiteSource CLI
This is the fourth video in a series describing how the WhiteSource Unified agent can be used to detect open source artifacts and their known vulnerabilities and licensing risks. This video will focus on performing a scan with the WhiteSource CLI which is a lightweight version of the unified agent that is designed for immediate feedback on a user's desktop.
Artifactory Installation & Viewing Results
This is the first video in a series describing how WhiteSource can integrate with Artifactory to detect open source artifacts and their known vulnerabilities and licensing risks. This video will focus on how to install the plugin and view results within Artifactory
Vulnerability Management - What You Need To Know
Vulnerability management is becoming increasingly important to companies due to the rising threat of cyber security attacks and regulations like PCI DSS, HIPAA, NIST 800-731 and more. Vulnerability management is a comprehensive process implemented to continuously identify, evaluate, classify, remediate, and report on security vulnerabilities.