Open source risk management tool for Android application packages

Are there any security vulnerabilities in the open source you use?

At RSA Conference, WhiteSource announced the release of the industry’s first Android Application Package (APK) Analyzer, providing companies using and distributing Android applications a tool to detect known security vulnerabilities and open source licenses.

The development enables security, engineering, and legal teams, developing or acquiring Android applications from software vendors, to detect open source components and libraries, as well as to find and mitigate open source security vulnerabilities and licensing issues, all without the need to access the development environment.

WhiteSource provides a simple solution for companies that need to manage their open source assets to ensure license compliance and reduce risk. Developers and managers can use WhiteSource’s solution to track, audit and report on OSS components throughout the software development lifecycle.

It’s a comprehensive, user friendly solution and an industry first enabling a better product for businesses and consumers alike. WhiteSource’s solution is already in use by Better Mobile Security, a leading mobile endpoint technology solution.

“Our new tool represents serious progress in the struggle for better, safer mobile applications because it brings an extra layer of safety and ease of use to the huge market of Android software development”, said Rami Sass, CEO and Co-Founder of WhiteSource.

“With this announcement we’ve completely updated an outdated industry-wide business model. For the first time, security and legal teams access a full, comprehensive overview of the open source components in their apps before release, which results in significantly better products that are compliant.”