WhiteSource Benefits

reviewer1261788
VP R&D at a software R&D company with 51-200 employees
WhiteSource improved our team’s ability to deal with vulnerabilities in a timely manner. Most of the time the alerts pile up and no one wants to deal with it, but the process now is much more simplified and convenient. It is still a task, but the service reduces the time spent on it significantly. It is very easy to use and the research decreased to almost none. The GitHub integration provides us with the option to prevent security issues related to our open source libraries pre-build. It helped our teams discover vulnerabilities before usage, and fix issues within our existing environment and workflow. View full review »
reviewer1250697
User at a tech vendor with 1,001-5,000 employees
We moved from Black Duck to WhiteSource as it was a more modern and scalable solution, with better integration support to various build and source environments. The ease of running scans and getting results quickly enables our developers to address issues quicker. View full review »
reviewer1257792
Co Founder at a consumer goods company with 11-50 employees
The best thing is that it changed the mindset of our developers. They are now more aware and proactive when it comes to the security risks in open source vulnerabilities and the need to update packages from time to time. It gives us full visibility into what we're using, what needs to be updated, and what's vulnerable, which helps us make better decisions. The WhiteSource prioritization feature provides us with the greatest value as it has cut down the number of security alerts by about 90%. It is only relevant for Java and JS for now, but we understand more is yet to come. This has saved us a lot of time. View full review »
Learn what your peers think about WhiteSource. Get advice and tips from experienced pros sharing their opinions. Updated: April 2020.
426,265 professionals have used our research since 2012.
Alon Michaeli
Founder & CEO at Data+
WhiteSource is very easy to run and use. It reduced significantly the time our developers used to spend on issues in open-source libraries. We used a free tool before and the number of alerts was too high to handle. We recently implemented WhiteSource on our Github account. It provides our developers with better visibility into open source libraries within their code environment, which helps the company in ensuring dev adoption. When it comes to open-source licenses, it really simplified reporting as it provides an inventory list in a simple report. Before WhiteSource it was almost impossible, mostly due to transitive dependencies. View full review »
reviewer1255491
VP R&D at a tech services company with 11-50 employees
WhiteSource allowed us to minimize our exposure to open-source vulnerabilities with ease. Aside from identifying the out-dated or compromised packages really easily, it allows us to actually see which vulnerabilities are effectively relevant for us. In this case, it saved us *A LOT* of refactors and redesigns of code, which would have been considered vulnerable otherwise. We integrated WhiteSource into our build system to ensure we keep our code secure and don't introduce new problems as we go. This allows us to have more predictability into the work process as security now becomes a constant work-in-progress instead of a major bulk of work every now and then. View full review »
reviewer1264290
Project Manager at a health, wellness and fitness company with 11-50 employees
We were able to integrate the product naturally into our development process and it provided results really fast. You can easily use the unified agent and connect your CICD tools. It scans all of your source code quickly and it took us just a few minutes to run. The REST API is really good as well. In the past, running similar tools or trying to get feedback on our open-source state was almost impossible. Our primary goal was to get the license reports, but now we have a full end-to-end process that automates all license management, open-source license approval, rejection, ticket assignment, and more. View full review »
reviewer1268112
DevOps CI/CD Team Lead at a software R&D company with 10,001+ employees
In general, we are covered for open source licensing issues and CVE errors on particular versions for open source dependencies. Moreover, we have covered ourselves for security auditing by stating that we are users of WhiteSource. View full review »
reviewer1250700
Senior Productization Specialist at a tech services company with 51-200 employees
At first, WhiteSource was great in regards to have a clear picture of what we use in our products. Then later, we started having different issues with WhiteSource, especially in our containers/Docker images. The problem has not been resolved yet, even after many followups on this matter. View full review »
Learn what your peers think about WhiteSource. Get advice and tips from experienced pros sharing their opinions. Updated: April 2020.
426,265 professionals have used our research since 2012.