WhiteSource Software
Open source security and licenses compliance
4,2 /5 (5 reviews) Write a Review!WhiteSource Software Overview
What is WhiteSource Software?
WhiteSource is the leading solution for agile open source security and license compliance management.
It integrates with your development environments and DevOps pipeline to detect open source libraries with security or compliance issues in real-time.
WhiteSource doesn’t only alert on issues, it also provides actionable, validated remediation paths to enable quick resolution and automated policy enforcement to speed up time-to-fix. It also helps you focus on what matters by prioritizing remediation based on whether your code is actually using a vulnerable method or not, and gu aranteeing zero false positives.
We've got you covered with support for over 200 programming languages, and continuous tracking of multiple open source vulnerabilities databases including the NVD, security advisories, peer-reviewed vulnerability knowledge bases, and open source projects issue trackers.
WhiteSource Software Overview
Pricing
Pricing options
Starting at $4,000 a year, based on contributing developers, get our pricing here: https://whitesourcesoftware.com/pricing
WhiteSource Software Features
Media
WhiteSource Software Reviews
WhiteSource Software Reviews
FOSS lifecycle management with Whitesource
Using Whitesource to manage the process of analysing FOSS for a large product with hundreds of opensource dependencies.
Makes life much easier and helps you cover all dependencies much more accurately.
Some processes are still a bit course (though improved dramatically over the past 18 months)
Refresh performance might be a bit slow when there are very large dependency lists.
Best product out there for FOSS lifecycle management
work with it for a long time still place to improve.
It aggregates my licenses in one centralized place. The software helps me to generate the reports for many requests that I have inside my organization. It also helps me to identify the changes between versions and compare them.
Tons of false positives, prepare to spend hours fixing it manually
After much manual configuration, a nicely formatted output that looks reputable. I could have just made my own in excel a lot faster.
Easy to use. Saves tons of time.
We used to document it all manually. Now its done easily and effectively. Not to mention that we missed many things, so with this we were able to fix some small issues before they become big issues....
License Management in the cloud
I use the free cloud based service of White Source and it is pretty well done. Things get done quickly and easy and the software helps me to track open source licences. There is nothing to complain about it!
Compare overall rating with alternatives
Compare with alternatives
FOSS lifecycle management with Whitesource
work with it for a long time still place to improve.
It aggregates my licenses in one centralized place. The software helps me to generate the reports for many requests that I have inside my organization. It also helps me to identify the changes between versions and compare them.
Tons of false positives, prepare to spend hours fixing it manually
After much manual configuration, a nicely formatted output that looks reputable. I could have just made my own in excel a lot faster.
Pros
Fast, quick reviews of your code. They do a good job of putting all the relevant reports and dashboards in front of you quickly. Once you manually fix everything, it can look really good.
Cons
The false positives are awful. I had to spend hours and hours manually fixing everything it mis-identified - dozens of libraries and thousands of source files. If you use a library not in its database... too bad. You can make a support request and wait for them to enter it for you, whenever they get around to it.
The search is pretty awful. There is some kind of syntax to using it but when I asked our account rep, she couldn't give me any documentation on it. You will frequently see results like "openssl-v0_9_8" in your search, but if you type "openssl" it will vanish and not come up. Don't ever both trying to search for a version, it doesn't work. This results in a lot of time scrolling through very large lists. Naming schemes are random and follow no established pattern.
For a good half of all libraries, they have not assigned a license. Guess who gets to go google search them all? You, the user! Isn't the point of this tool to help me identify the licensing?
UI navigation is challenging. Back button will take you to a different place than you were almost every time. You'll love the dashboard... because you have to go back to it roughly every 5 minutes and start over.
No great system for notes/todos/reminders. When you have to fix 60 libraries, it's hard to remember what you want to do with each one.
Easy to use. Saves tons of time.
We used to document it all manually. Now its done easily and effectively. Not to mention that we missed many things, so with this we were able to fix some small issues before they become big issues....
Pros
easy
inexpensive
very comprehensive
no more hassle
License Management in the cloud
I use the free cloud based service of White Source and it is pretty well done. Things get done quickly and easy and the software helps me to track open source licences. There is nothing to complain about it!
Compare user recommendation rating with alternatives
Compare with alternatives
WhiteSource Software Pricing
WhiteSource Software Pricing
Starting at $4,000 a year, based on contributing developers, get our pricing here: https://whitesourcesoftware.com/pricing
Starting at $4,000 a year, based on contributing developers, get our pricing here: https://whitesourcesoftware.com/pricing
Compare value for money rating with alternatives
Compare with alternatives
WhiteSource Software Features
WhiteSource Software Features
Compare features rating with alternatives
Compare with alternatives
Categories
Categories
Additional information for WhiteSource Software
Additional information for WhiteSource Software
Key features of WhiteSource Software
- Automated Policies- Premium Feature
- Automatic License Information Retrieval
- Conditional Approval- Premium Feature
- Free, Cloud-Based Service
- Instant Audits
- New Version Alerts- Premium Feature
- Open Source Inventory Management
- Organizational Licenses Report- Premium Feature
- Privacy
- Request and Approval Workflows
- Risk Analysis
- Risk and Task Management Dashboard
Benefits
- Find and fix open source vulnerabilities, in real time
- Prioritize vulnerabilities based on effectiveness
- Inventory management
- Open source license compliance
- Enforce policies automatically and create reports for all teams: security, DevOps, legal and management
- Supports due diligence, OEM or M&A
WhiteSource Software FAQs
WhiteSource Software FAQs
Below are some frequently asked questions for WhiteSource Software.
Q. What type of pricing plans does WhiteSource Software offer?
WhiteSource Software offers the following pricing plans:
Pricing model: Subscription
Free Trial: Available
Starting at $4,000 a year, based on contributing developers, get our pricing here: https://whitesourcesoftware.com/pricing
Q. What are the main features of WhiteSource Software?
WhiteSource Software offers the following features:
- Automated Policies- Premium Feature
- Automatic License Information Retrieval
- Conditional Approval- Premium Feature
- Free, Cloud-Based Service
- Instant Audits
- New Version Alerts- Premium Feature
- Open Source Inventory Management
- Organizational Licenses Report- Premium Feature
- Privacy
- Request and Approval Workflows
- Risk Analysis
- Risk and Task Management Dashboard
Q. Who are the typical users of WhiteSource Software?
WhiteSource Software has the following typical customers:
, ,
Q. What languages does WhiteSource Software support?
WhiteSource Software supports the following languages:
English, French, German, Hebrew
Q. What type of pricing plans does WhiteSource Software offer?
WhiteSource Software has the following pricing plans:
Subscription
Q. Does WhiteSource Software support mobile devices?
We do not have any information about what devices WhiteSource Software supports
Q. What other apps does WhiteSource Software integrate with?
WhiteSource Software integrates with the following applications:
Bitbucket, CircleCI, Cloudbees, Docker Cloud, GitHub, GitLab, Jira, Microsoft Azure, ThreadFix, Travis CI
Q. What level of support does WhiteSource Software offer?
WhiteSource Software offers the following support options:
FAQs, Knowledge Base, Phone Support, Video Tutorials
Using Whitesource to manage the process of analysing FOSS for a large product with hundreds of opensource dependencies.
Makes life much easier and helps you cover all dependencies much more accurately.
Some processes are still a bit course (though improved dramatically over the past 18 months)
Refresh performance might be a bit slow when there are very large dependency lists.
Best product out there for FOSS lifecycle management