This integration will allow WhiteSource customers to view and manage their open source security vulnerabilities from within ThreadFix, enabling them to improve security management with a comprehensive view of all of the software vulnerabilities in both their proprietary and open source code.
Open source code comprises the backbone of today’s software development ecosystem, with more than 90% of applications relying heavily on open source components1. However, this code can contain vulnerabilities and leave companies exposed if not detected and patched quickly.
Software development teams require effective tools to detect and remediate vulnerabilities within their internally developed and externally sourced code throughout the development lifecycle.
“Maintaining security within the development pipeline is vital for the DevSecOps community,” said Dan Cornell, Denim Group CTO.
“We are excited to announce our integration with WhiteSource as it is a direct response to market demand and commercially relevant products, and we are confident that it will provide current and future customers the resources necessary to manage code vulnerabilities and risk effectively.”
Through the integration with ThreadFix, WhiteSource customers will be able to consolidate their Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST) and Software Composition Analysis (SCA) results into one single unified view, streamlining their vulnerability management efforts.
The simplified view and risk-based filtering will also allow security teams to more readily prioritize vulnerabilities based on severity, giving them the perspective they require to find and remediate the most serious vulnerabilities first.
“We are excited to move forward in our partnership with the Denim Group team, making it easier than ever for WhiteSource and ThreadFix customers to manage their open source security as a part of their software development management practices,” says WhiteSource’s VP of Product, David Habusha, adding that, “It’s important to us that WhiteSource customers can manage their open source vulnerabilities as seamlessly as possible.”