Secure Open Source Components
WhiteSource secures and manages open source components in your software. WhiteSource enables you to gain full control and visibility over your open source usage by continuously identifying all open source components in your software, including transitive dependencies. It then provides real-time alerts on security vulnerabilities, license compliance, and quality issues.
WhiteSource integrates with JFrog Artifactory and JFrog Xray to help you secure open source components in your software. WhiteSource can be easily integrated with JFrog Xray by simply adding your WhiteSource account token to your Xray configuration.
WhiteSource detects all vulnerable open source components in your software and provides actionable remediation suggestions, enabling you to quickly find the best solution for your needs. Provide developers with the right tools to ensure only high-quality components are integrated into your releases.
DevOps teams maintain awareness in real-time of security vulnerabilities, license compliance, and quality issues. Keep your DevOps teams informed via JFrog Xray dashboard view.
Rules Based Implementation
Once configured, JFrog Xray will start pulling data from WhiteSource based on your watches (rules) and then display all relevant information about the security vulnerability (severity, impacted versions, and actionable remediation suggestions). Dashboard view of license compliance and known severe software bugs for each open source component.