WhiteSource Reviews

Filter by:Reset all filters
industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
rating
Loading...
Filter Unavailable
Real User
Head of Department for Software Engineering and Integration
Mar 07 2018

What is most valuable?

Several dashboards. The licenses dashboard, which gives me an overview of all the licenses used in our software. For example, right at the moment, there are several… more»

How has it helped my organization?

We find licenses together with WhiteSource which are associated with a certain library, then we get a classification of the license. This is with respect to criticality… more»

What needs improvement?

Every product has room for improvement, including WhiteSource. The stability of the product is web-based. We are obliged to use the Internet Explorer, and from… more»

What's my experience with pricing, setup cost, and licensing?

We are paying a lot of money to use WhiteSource. In our company, it is not easy to argue that it is worth the price.

If you previously used a different solution, which one did you use and why did you switch?

We did not use anything before WhiteSource.

What other advice do I have?

I recommend using WhiteSource to other companies if they are in a similar situation that we are. If they are having real problems in dealing with all these open source… more»

Which other solutions did I evaluate?

We did evaluate another tool along with WhiteSource, but we decided to take WhiteSource. There was this other tool, Black Duck, but we decided to work with WhiteSource… more»
Daniel Hall
Real User
Technical Architect at a energy/utilities company with 1,001-5,000 employees
Sep 19 2019

What is most valuable?

The most valuable feature is the inventory, where it compiles a list of all of the third-party libraries that we have on our estate. This helps us quite a bit.

What needs improvement?

We specifically use this solution within our CICD pipelines in Azure DevOps, and we would like to have a gate so that if the score falls below a certain value then we can block the pipeline from… more»

What's my experience with pricing, setup cost, and licensing?

The version that we are using, WhiteSource Bolt, is a free integration with Azure DevOps.

If you previously used a different solution, which one did you use and why did you switch?

For this use case, we did not use another solution prior to this one.

What other advice do I have?

For anybody who is researching this type of solution, my suggestion is to try them first. We tried quite a few of the various toolings available, and some of them are just not workable. They're very… more»

Which other solutions did I evaluate?

We are still evaluating at the moment, and have not officially adopted WhiteSource as of yet.
Find out what your peers are saying about Sonatype Nexus Lifecycle vs. WhiteSource and other solutions. Updated: September 2019.
370,655 professionals have used our research since 2012.
Bruno Lavit
Real User
Release Engineer at a tech vendor with 201-500 employees
Oct 30 2017

What is most valuable?

* Open Source dependencies scan * Common Vulnerabilities and Exposures (CVE) detection * Useful license and copyright reports. * Dashboards to manage the risk by product… more»

How has it helped my organization?

With WhiteSource, we have been able to automate the scan of our Open Source dependencies. Before, it was a 50% automated in-house solution.

What needs improvement?

Notifications could be improved. Everything else is OK. If one of our products is using a dependency with a black-listed license (LGPL, for example) we like to notify the… more»

What's my experience with pricing, setup cost, and licensing?

The setup cost is cheap. For our company, we received a good price to manage unlimited products and versions.

If you previously used a different solution, which one did you use and why did you switch?

We were using an in-house solution based on some Maven plugins. The process was not fully-automated. We were looking for a fully-automated solution.

What other advice do I have?

We are a happy customer.

Which other solutions did I evaluate?

We did a comparison with Black Duck, but WhiteSource was better at managing the Open Source stuff.
Josep Barranco
Real User
Director at a media company with 1,001-5,000 employees
Dec 21 2017

What is most valuable?

Scanning/collecting third-party libraries and classifying license types. In this way we ensure our third-party software policy is followed and that we’re not using… more»

How has it helped my organization?

To prevent shipping commercial or GPL libraries, we scan our repositories.

What needs improvement?

Better ACL and more role definitions. This product could be used by large organisations but it definitely needs a better role/action model. Right now (in my understanding)… more»

What's my experience with pricing, setup cost, and licensing?

Pricing / licensing model changed during last year so I don’t have an opinion here yet.

If you previously used a different solution, which one did you use and why did you switch?

We were using editors or Wiki to keep that information, but obviously it was not updated.

What other advice do I have?

It’s important to define guidelines and best practices regarding how to use the product internally; who defines what? Who accesses what? Best way to integrate my GitHub… more»

Which other solutions did I evaluate?

I evaluated Black Duck.

Articles

User Assessments By Topic About WhiteSource

Find out what your peers are saying about Sonatype Nexus Lifecycle vs. WhiteSource and other solutions. Updated: September 2019.
370,655 professionals have used our research since 2012.

WhiteSource Questions

What is WhiteSource?

WhiteSource offers an agile approach to open source management.
WhiteSource is a SaaS solution that integrates with your build process and audits your open source licenses, security and more every time you run your build.

WhiteSource customers

Autodesk, Temenos, Indeed.com, GE digital, KPMG, LivePerson, Jack Henry and Associates

Sign Up with Email