WhiteSource – An Open Source Security And License Compliance Management Platform

* – This article has been archived and is no longer updated by our editorial team –

Below is our recent interview with Gabriel Avner from WhiteSource:

Q: Could you provide our readers with a brief introduction to WhiteSource?

A: Our solution provides software development and security teams full control and visibility over the open source components in their products. We detect all open source components, including dependencies, in real-time every time you run a build. Once a component is detected we check it against the security, license, and quality policies to approve, reject, or initiate an approval workflow or automatically open an issue tracker to ensure that developers will remediate the issue. Real-time alerts once a vulnerable component is introduced can save development teams significant resources as it is easier to fix an issue when it is detected earlier in the software development lifecycle.

Q: You’ve been recently recognized for growth in 2017, breaking the top 30 on the list of top 1000 SaaS companies worldwide; could you tell us something more?

A: The past year has seen significant growth for our company as more and more businesses recognize the importance of securing their open source usage. As customer demand has grown, so has our company, allowing us to triple our headcount. We were thrilled to be cited as one of the fastest growing SaaS companies in the world, up there with unicorns like Slack and others, helping to get the word out there about our industry leading solution.

Q: Could you explain the most prominent advantages of your open source security and license management solutions?

A: WhiteSource was the first Software Composition Analysis platform to bring a SaaS solution to market, addressing the needs of the agile development community. Our solution allows customers to fully automate their selection, monitoring, and security for their open source components, letting them focus on building great products. We are continuously monitoring both the open source components in your inventory and vulnerability databases and a range of other important security sources. This is how we are able to issue alerts if a new vulnerability is discovered in a component that was previously believed to be safe, letting dev teams know that they need to implement a fix.

Q: Can you give us more insights into your features?

A: Our dashboard gives customers a full picture of all the open source components in their environment, showing them any and all vulnerabilities, as well as licenses, that might be associated with their open source components. One important feature that helps customers to take control of their open source usage is the ability to fail the build if a developer attempts to commit code with an open source component that does not meet their self-defined policies for security or license compliance. This provides a safety net for developers to focus on writing code without worrying that an unapproved component could enter their product.

Another one is our Web Advisor that developers can use for selecting the right component the first time. When developers are searching for a new open source component on sites like Stack Overflow and elsewhere, the WhiteSource icon will appear next to package references that they can use for accessing the code. By clicking on the icon, they will be shown essential information about the component, including whether it has any known vulnerabilities, what its license is, a quality score, if it is already being used in their organization, and if it meets their policies for use. This tool helps developers to avoid adding open source components that could harm their product later or would otherwise not be allowed at a later point anyways, saving them valuable time. The Web Advisor is probably the greatest example of how WhiteSource believes in shifting as far left as possible, catching issues before they become problems.

Q: What are your plans for the next four months?

A: Forrester recently reported that Software Composition Analysis is expected to be one of the fastest growing application security technologies over the coming year. WhiteSource intends to stand out as a leader in this industry, rolling out with new solutions to help companies to further automate the way that they select, detect, and remediate vulnerabilities in their open source components. This will include new technologies for detection of open source components and understanding how they impact the security of our customers’ products.
