Identify, manage, and audit open source licenses
4.2/5 (5 reviews)WhiteSource offers an agile approach to software companies for open source management. We audit your code every time you run your build
With White Source’s easy-to-use, cloud-based platform companies can:
- Open source licensing and compliance management
- Open Source security vulnerabilities alerts and management
- Executive dashboards, policy enforcement, and reporting
We continuously monitor public repositories for security vulnerabilities, so you won’t have to. We will proactively alert you when vulnerabilities that affect your product are discovered. You will also be updated on fixes when they become available.
WhiteSource is the only solution that manages open source components in all popular programming languages and development environment.
Founded by experts in business process automation, compliance and security, White Source is committed to helping companies realize the full benefits of Open Source – while minimizing the risks. For more information about WhiteSource, visit us at www.whitesourcesoftware.com.
Pros
Fast, quick reviews of your code. They do a good job of putting all the relevant reports and dashboards in front of you quickly. Once you manually fix everything, it can look really good.
Cons
The false positives are awful. I had to spend hours and hours manually fixing everything it mis-identified - dozens of libraries and thousands of source files. If you use a library not in its database... too bad. You can make a support request and wait for them to enter it for you, whenever they get around to it.
The search is pretty awful. There is some kind of syntax to using it but when I asked our account rep, she couldn't give me any documentation on it. You will frequently see results like "openssl-v0_9_8" in your search, but if you type "openssl" it will vanish and not come up. Don't ever both trying to search for a version, it doesn't work. This results in a lot of time scrolling through very large lists. Naming schemes are random and follow no established pattern.
For a good half of all libraries, they have not assigned a license. Guess who gets to go google search them all? You, the user! Isn't the point of this tool to help me identify the licensing?
UI navigation is challenging. Back button will take you to a different place than you were almost every time. You'll love the dashboard... because you have to go back to it roughly every 5 minutes and start over.
No great system for notes/todos/reminders. When you have to fix 60 libraries, it's hard to remember what you want to do with each one.
Using Whitesource to manage the process of analysing FOSS for a large product with hundreds of opensource dependencies.
Makes life much easier and helps you cover all dependencies much more accurately.
Some processes are still a bit course (though improved dramatically over the past 18 months)
Refresh performance might be a bit slow when there are very large dependency lists.
Best product out there for FOSS lifecycle management
It aggregates my licenses in one centralized place. The software helps me to generate the reports for many requests that I have inside my organization. It also helps me to identify the changes between versions and compare them.
We used to document it all manually. Now its done easily and effectively. Not to mention that we missed many things, so with this we were able to fix some small issues before they become big issues....
Pros
easy
inexpensive
very comprehensive
no more hassle
I use the free cloud based service of White Source and it is pretty well done. Things get done quickly and easy and the software helps me to track open source licences. There is nothing to complain about it!
$2,750/year per product
- Simple, cost-effective
- For organizations of any size
- Ensures compliance OSS licenses
- Reduces risk to intellectual property
- Reduces risk of vulnerabilities and defects
- Prevents lost business
- Supports due diligence, OEM or M&A
Below are some frequently asked questions for WhiteSource Software.
WhiteSource Software offers the following pricing plans:
Starting from: US$2 750,00/year
Pricing model: Open Source, Subscription
Free Trial: Available
$2,750/year per product
WhiteSource Software offers the following features:
WhiteSource Software has the following typical customers:
Large Enterprises, Mid Size Business, Small Business
WhiteSource Software supports the following languages:
English
WhiteSource Software has the following pricing plans:
Open Source, Subscription
We do not have any information about what devices WhiteSource Software supports
WhiteSource Software integrates with the following applications:
GitHub
WhiteSource Software offers the following support options:
FAQs, Knowledge Base, Phone Support, Video Tutorials
After much manual configuration, a nicely formatted output that looks reputable. I could have just made my own in excel a lot faster.