- Company (that provides the nominated product / solution / service): WhiteSource
- Website: https://www.whitesourcesoftware.com/
- Company size (employees): 50 to 99
- Country: Israel
- Type of solution: Software
- Approximate number of users worldwide: 20 beta customers
In 3 bullets, summarize why this product or service is different from the competition and deserves recognition:
While historically tools for open source security have focused on detection of open source components with known vulnerabilities, WhiteSource’s Effective Usage Analysis solution is able to differentiate between vulnerable functionalities that are effective (i.e. getting calls from the proprietary code) and those that are not.
By differentiating between the effective and ineffective vulnerable functionalities, WhiteSource’s solution reduces the number of alerts by a staggering 70%.
This tool is the first ever to equip developer teams with the ability to pinpoint the exact path to the vulnerable functionality in the code with full trace analysis.
WhiteSource, the leader in open source security and license compliance management recently launched its next generation Software Composition Analysis solutions – Effective Usage Analysis. The newly developed technology provides details beyond simply which components are present in the application, delving deeper with actionable insights on how components are being used, highlighting their impact on the security of the application.
This new technology reduces open source vulnerability alerts by 70%, showing which vulnerabilities are effective (i.e. getting calls from the proprietary code) and impact the security of the application, and which ones are ineffective. WhiteSource’s internal research on Java applications has found that only 30% of reported alerts on open source components with known vulnerabilities originate from effective vulnerabilities and require high prioritization for remediation.
WhiteSource’s innovative Effective Usage Analysis technology adds a never before seen level of resolution for understanding which functionalities are indeed effective. This reduces open source vulnerability alerts, and provides actionable insights with full trace analysis, pinpointing the vulnerabilities’ exact location in the code to lead to faster, more efficient remediation.
- Vote For This Nomination