WhiteSource Room for Improvement

HeadOfDe306b
Head of Department for Software Engineering and Integration
Every product has room for improvement, including WhiteSource. The stability of the product is web-based. We are obliged to use the Internet Explorer, and from time-to-time I get messages which tells me that I do not have the rights to use WhiteSource, which is obviously wrong. I also suggested it to WhiteSource, and they told me that WhiteSource only works reliably for Firefox and Chrome. This has some room for improvement for me. Make the product available in a very stable way for other web browsers. From time to time, the dashboards don't display the full content that I expect. It seems that licenses are not shown nor are products are shown in full detail. I am just missing things at times. This might be due to the Internet Explorer issue, and if I am not using the right web browser, then maybe it does not work correctly. View full review »
reviewer1261788
VP R&D at a software R&D company with 51-200 employees
The UI is not that friendly and you need to learn how to navigate easily. It also doesn’t run as smoothly as I would want or expect, and I believe it requires some improvements. That said, the Success team is very attentive and does reply and answer related matters quite fast. Currently, effective vulnerabilities are only available in two languages, which is great, but I would be very happy to see more languages. It does cover most of our libraries, but we do have other languages in use. More coverage on that aspect would be helpful. View full review »
reviewer1250697
User at a tech vendor with 1,001-5,000 employees
Places in need of improvement are: * Some detected libraries do not specify a location of where in the source they were matched from, which is something that should be enhanced to enable quicker troubleshooting. * Manual uploads of "wsjson" files can only be done by a global admin. Product administrators should be given this right for uploading files to their products/projects. * Better support for proxies is needed when running the unified file agent behind a proxy. It can be made to work, but the Java proxy config and cert trust for MitM traffic inspection are very painful to set up. View full review »
Find out what your peers are saying about Black Duck vs. WhiteSource and other solutions. Updated: February 2020.
398,259 professionals have used our research since 2012.
reviewer1257792
Co Founder at a Consumer Goods with 11-50 employees
WhiteSource Prioritize should be expanded to cover more than Java and JavaScript. We are currently using WhiteSource Prioritize for Java and it cuts our vulnerability alerts by almost 90%. However, Prioritize doesn't cover python or other languages at this point and our developers are required to deal with many open source security alerts. The problem is that now our developers are aware that most open source security alerts are not impacting the security of their applications and it's harder to get their cooperation. We are waiting for WhiteSource to announce support ifor Python and other languages. View full review »
reviewer1255491
VP R&D at a tech services company with 11-50 employees
The agent usage was not as smooth as the online experience. It lacks in terms of documentation and the errors and warnings it produces are not always very clear. We were able to get it up and running in a short while by getting help from support, which was very approachable and reliable. If anything, I would spend more time making this more user-friendly, better documenting the CLI, and adding more examples to help expand the current documentation. I would also like to get better integration with Google Docs. View full review »
reviewer1264290
Project Manager at a health, wellness and fitness company with 11-50 employees
It would be nice to have a better way to realize its full potential and translate it within the UI or during onboarding. View full review »
Daniel Hall
Technical Architect at a energy/utilities company with 1,001-5,000 employees
We specifically use this solution within our CICD pipelines in Azure DevOps, and we would like to have a gate so that if the score falls below a certain value then we can block the pipeline from running. This would give us some sort of automated assurance. This is probably the feature that we'd most like to see. View full review »
Alon Michaeli
Founder & CEO
The changes that we would like to see are mostly usability issues. The UI can be slow once in a while, and we're not sure if it's because of the amount of data we have, or it is just a slow product, but it would be nice if it could be improved. The UI is also too crowded. I believe that less information, or a different data summary, can be more readable. I know this is something they’re currently working on, but not sure where it stands. Reporting could be easier, as it does not export filtered-down lists. It would be really valuable to add the ability to customize options in the reports. View full review »
reviewer1268112
DevOps CI/CD Team Lead at a software R&D company with 10,001+ employees
The dashboard UI and UX are problematic. This solution looks like a 1995 web site and it's very hard to understand what the issue is and why it failed. View full review »
reviewer1250700
Senior Productization Specialist at a tech services company with 51-200 employees
WhiteSource needs improvement in the scanning of the containers and images with distinguishing the layers. This solution needs better support and customer service. View full review »
Find out what your peers are saying about Black Duck vs. WhiteSource and other solutions. Updated: February 2020.
398,259 professionals have used our research since 2012.