WhiteSource released WhiteSource Cure, an auto-remediation application designed for custom code. This pioneering release enables organizations to accelerate the delivery of secure software at scale.
Software developers and security professionals today struggle to address an increasingly growing backlog of security vulnerabilities while keeping up with aggressive release schedules. In fact, WhiteSource customer feedback shows the average developer effort for a single security fix is approximately half a day, which can add up to enormous delays in product releases. WhiteSource Cure, acts as a developer’s personal security expert, speeding up delivery, while simultaneously reducing their workload.
“While organizations are increasingly expecting developers to become security experts, we believe they don’t have to,” said Vered Shaked, Executive Vice President, Strategy & Incubation at WhiteSource. “With the launch of WhiteSource Cure, we are creating a reality where security and speed are no longer mutually exclusive.”
Application security testing tools today are too often focused on finding issues, rather than fixing them, generating a constant flow of security alerts that overwhelms organizations. Meanwhile, processes for deciding what security issues to address first, and then fixing these issues are manual and time-intensive. This also requires security knowledge that even experienced developers, who are at the heart of the shift left revolution, might lack — let alone novice ones. WhiteSource Cure relieves the application security workload through automation, providing developers with code they can trust.
The Community Edition of WhiteSource Cure is a free-forever developer tool designed for the open source community and currently limited to public projects only. Visit these links to view sample auto-remediation suggestions for popular projects: AltoroJ, Payara, Hadoop.