WhiteSource Pros and Cons

WhiteSource Pros

reviewer1261788
VP R&D at a computer software company with 51-200 employees
With the fix suggestions feature, not only do you get the specific trace back to where the vulnerability is within your code, but you also get fix suggestions.
View full review »
reviewer1250697
User at a tech vendor with 1,001-5,000 employees
Attribution and license due diligence reports help us with aggregating the necessary data that we, in turn, have to provide to satisfy the various licenses copyright and component usage disclosures in our software.
View full review »
reviewer1257792
Co Founder at a consumer goods company with 11-50 employees
It gives us full visibility into what we're using, what needs to be updated, and what's vulnerable, which helps us make better decisions.
View full review »
Learn what your peers think about WhiteSource. Get advice and tips from experienced pros sharing their opinions. Updated: May 2021.
510,534 professionals have used our research since 2012.
Alon Michaeli
Founder & CEO at Data+
Our dev team uses the fix suggestions feature to quickly find the best path for remediation.
View full review »
reviewer1255491
VP R&D at a tech services company with 11-50 employees
For us, the most valuable tool was open-source licensing analysis.
View full review »
reviewer1264290
Project Manager at a wellness & fitness company with 11-50 employees
The reporting capability gives us the option to generate an open-source license report in a single click, which gets all copyright and license information, including dependencies.
View full review »
Daniel Hall
Technical Architect at Dwr Cymru Welsh Water
The most valuable feature is the inventory, where it compiles a list of all of the third-party libraries that we have on our estate.
View full review »
ZD
reviewer1317438
Business Process Analyst at a financial services firm with 1,001-5,000 employees
The license management of WhiteSource was at a good level. As compared to other tools that I have used, its functionality for the licenses for the code libraries was quite good. Its UI was also fine.
View full review »
NK
reviewer1268112
DevOps CI/CD Team Lead at a computer software company with 10,001+ employees
The most valuable feature is the unified JAR to scan for all langs (wss-scanner jar).
View full review »
WL
reviewer1444512
Sr. Director, Cloud Operations at a computer software company with 1,001-5,000 employees
Its ease of use and good results are the most valuable.
View full review »

WhiteSource Cons

reviewer1261788
VP R&D at a computer software company with 51-200 employees
The UI is not that friendly and you need to learn how to navigate easily.
View full review »
reviewer1250697
User at a tech vendor with 1,001-5,000 employees
Some detected libraries do not specify a location of where in the source they were matched from, which is something that should be enhanced to enable quicker troubleshooting.
View full review »
reviewer1257792
Co Founder at a consumer goods company with 11-50 employees
WhiteSource Prioritize should be expanded to cover more than Java and JavaScript.
View full review »
Learn what your peers think about WhiteSource. Get advice and tips from experienced pros sharing their opinions. Updated: May 2021.
510,534 professionals have used our research since 2012.
Alon Michaeli
Founder & CEO at Data+
The UI can be slow once in a while, and we're not sure if it's because of the amount of data we have, or it is just a slow product, but it would be nice if it could be improved.
View full review »
reviewer1255491
VP R&D at a tech services company with 11-50 employees
If anything, I would spend more time making this more user-friendly, better documenting the CLI, and adding more examples to help expand the current documentation.
View full review »
reviewer1264290
Project Manager at a wellness & fitness company with 11-50 employees
It would be nice to have a better way to realize its full potential and translate it within the UI or during onboarding.
View full review »
Daniel Hall
Technical Architect at Dwr Cymru Welsh Water
We specifically use this solution within our CICD pipelines in Azure DevOps, and we would like to have a gate so that if the score falls below a certain value then we can block the pipeline from running.
View full review »
ZD
reviewer1317438
Business Process Analyst at a financial services firm with 1,001-5,000 employees
We have ended our relationship with WhiteSource. We were using an agent that we built in the pipeline so that you can scan the projects during build time. But unfortunately, that agent didn't work at all. We have more than 500 projects, and it doubled or tripled the build time. For other projects, we had the failure of the builds without any known reason. It was not usable at all. We spent maybe one year working on the issues to try to make it work, but it didn't in the end. We should be able to integrate it with ID and Shift Left so that the developers are able to see the scan results without waiting for the build to fail.
View full review »
NK
reviewer1268112
DevOps CI/CD Team Lead at a computer software company with 10,001+ employees
The dashboard UI and UX are problematic.
View full review »
WL
reviewer1444512
Sr. Director, Cloud Operations at a computer software company with 1,001-5,000 employees
It would be good if it can do dynamic code analysis. It is not necessarily in that space, but it can do more because we have too many tools. Their partner relationship support is a little bit confusing. They haven't really streamlined the support process when we buy through a reseller. They should improve their process.
View full review »
Learn what your peers think about WhiteSource. Get advice and tips from experienced pros sharing their opinions. Updated: May 2021.
510,534 professionals have used our research since 2012.