WhiteSource Archives - Help Net Security

WhiteSource

WhiteSource rebrands as Mend to focus on the prevention of application security issues

May 26, 2022

WhiteSource announced the change of its name to Mend. The company is also launching an automated remediation for custom code security issues as well as integration of Mend …

WhiteSource releases free tool to detect and remediate Spring4Shell vulnerability

April 5, 2022

WhiteSource launched WhiteSource Spring4Shell Detect, a free command-line interface (CLI) tool that quickly scans projects to find vulnerable open source libraries for …

WhiteSource acquires DefenseCode and Xanitizer to enter into the SAST market

February 16, 2022

WhiteSource announced the company’s expansion into custom code security following two recent acquisitions and the availability of its static application security testing …

How threat actors are using npm to launch attacks

February 4, 2022

WhiteSource released a threat report based on malicious activity found in npm, the most popular JavaScript package manager used by developers worldwide. The report is based on …

WhiteSource for Azure Repos scans open source code for security vulnerabilities

January 28, 2022

WhiteSource released an Azure DevOps repository integration, allowing Azure DevOps users to detect all open source components and automatically enforce security policies …

WhiteSource Log4j Detect scans projects to find vulnerable Log4j versions

December 16, 2021

WhiteSource launched WhiteSource Log4j Detect, a free command-line interface (CLI) tool to help organizations quickly detect and remediate the Log4j vulnerabilities …

WhiteSource SBOM helps developers to protect the software supply chain

November 10, 2021

In an effort to help developers meet new governmental regulations for protecting the software supply chain, WhiteSource released WhiteSource SBOM, a new tool that creates a …

Regulation fatigue: A challenge to shift processes left

October 28, 2021

Recent high-profile supply chain attacks have heightened the need for increased regulation of the open-source community. In the U.S., for example, President Biden’s …

WhiteSource Cure accelerates the delivery of secure software at scale

July 30, 2021

WhiteSource released WhiteSource Cure, an auto-remediation application designed for custom code. This pioneering release enables organizations to accelerate the delivery of …

Few security pros believe their organizations have reached full DevSecOps maturity

October 1, 2020

20% of security professionals described their organizations’ DevSecOps practices as “mature”, while 62% said they are improving practices and 18% as “immature”, a WhiteSource …

Fixing all vulnerabilities is unrealistic, you need to zero in on what matters

June 24, 2020

As technology constantly advances, software development teams are bombarded with security alerts at an increasing rate. This has made it nearly impossible to remediate every …

Number of open source vulnerabilities surged in 2019

March 13, 2020

The number of disclosed open source software vulnerabilities in 2019 reached over 6000, up from just over 4,000 in 2018, a new WhiteSource report says. “This can be …

WhiteSource

WhiteSource rebrands as Mend to focus on the prevention of application security issues

WhiteSource releases free tool to detect and remediate Spring4Shell vulnerability

WhiteSource acquires DefenseCode and Xanitizer to enter into the SAST market

How threat actors are using npm to launch attacks

WhiteSource for Azure Repos scans open source code for security vulnerabilities

WhiteSource Log4j Detect scans projects to find vulnerable Log4j versions

WhiteSource SBOM helps developers to protect the software supply chain

Regulation fatigue: A challenge to shift processes left

WhiteSource Cure accelerates the delivery of secure software at scale

Few security pros believe their organizations have reached full DevSecOps maturity

Fixing all vulnerabilities is unrealistic, you need to zero in on what matters

Number of open source vulnerabilities surged in 2019

Don't miss

Fake ChatGPT for Google extension hijacks Facebook accounts

A common user mistake can lead to compromised Okta login credentials

A closer look at TSA’s new cybersecurity requirements for aviation

Best practices to secure digital identities

These 15 European startups are set to take the cybersecurity world by storm