WhiteSource Launches Next-generation Software Composition Analysis Technology for Prioritizing Open Source Security Alerts

TEL AVIV, Israel, May 22, 2018 /PRNewswire/ -- WhiteSource, the leader in open source security and license compliance management announced today the launch of its next-generation Software Composition Analysis solutions - Effective Usage Analysis. The newly developed technology provides details beyond simply which components are present in the application, delving deeper with actionable insights on how components are being used, highlighting their impact on the security of the application.

This new technology will reduce open source vulnerability alerts by 70%, showing which vulnerabilities are effective (i.e. getting calls from the proprietary code) and impact the security of the application, and which ones are ineffective. WhiteSource's internal research on Java applications has found that only 30% of reported alerts on open source components with known vulnerabilities originate from effective vulnerabilities and require high prioritization for remediation.

WhiteSource's innovative Effective Usage Analysis technology adds a never before seen level of resolution for understanding which functionalities are indeed effective. This reduces open source vulnerability alerts, and provides actionable insights with full trace analysis, pinpointing the vulnerabilities' exact location in the code to lead to faster, more efficient remediation.

"Our Effective Usage Analysis technology allows security and engineering teams to cut through the noise to correctly prioritize threats to the security of their products," explains WhiteSource's CEO Rami Sass. "Prioritization is key for managing time and limited resources. By showing security and engineering teams which vulnerable functionalities are the most critical and require their immediate attention, we are giving them the confidence to plan their operations and optimize remediation."

The Effective Usage Analysis will support Java and JavaScript upon its release, and will be later expanded to additional languages. It is currently in beta testing and will be fully available in June.  

About WhiteSource

WhiteSource is the leader in continuous open source security and license compliance management. Its vision is to empower businesses to develop better software by harnessing the power of open source. Industry leaders like Microsoft, IBM, and hundreds more trust WhiteSource to secure and manage the open source components in their software. The company has been recognized by Forrester as the best current offering in their Software Composition Analysis (SCA) Wave™ report in 2017. https://www.whitesourcesoftware.com/

Contact:
Gabriel Avner
Head of Communications
[email protected]

SOURCE WhiteSource