TEL AVIV, Israel, February 4, 2016 /PRNewswire/ --
WhiteSource, the real-time open source component management solution, today announced the release of the first fully functional Docker container analysis tool covering both the container body and the installed software.
"Our ability to scan both the container infrastructure and the software inside of it is a big win especially as adoption of container solutions continues to soar," said Rami Sass, CEO and Co-Founder of WhiteSource. "We're able to bring our vast database of open source components to one of the industry's fastest growing sectors, and offer the first fully functional container analysis tool covering both the container itself and the software installed on it and supporting 16 programming languages."
Containers are quickly gaining popularity as a way to develop, stage and deploy applications. The rapid deployment of container technology, though exceptionally useful, has far outpaced the means companies have for safely using and fully utilizing the technology. Because containers carry software from many sources, oversight issues become especially complex and potentially problematic.
WhiteSource's Docker solution provides the only solution that covers both CentOS (.rpm) and Debian (.deb) containers, along with all applications deployed in them. WhiteSource's approach is to analyze Docker containers, providing both security vulnerability and open source license information for the operating system in each container as well as for the applications deployed within them. WhiteSource's solution supports more than 16 different programming languages and platforms, including Java, .NET, Python, Ruby and more.
WhiteSource's Docker Container analysis solution is already successfully deployed as part of Scalock's security solution suite. Scalock is using WhiteSource's database and container analysis method in order to provide its product as a security solution for containers. Dror Davidoff, CEO and co-founder of Scalock praised WhiteSource, saying, "WhiteSource's database is by far the most comprehensive on the market, and allows us to go beyond application-level scanning and identify language-specific vulnerabilities in components within the container."
WhiteSource allows engineering executives to effortlessly manage the use of open source components in their software, allowing developers to focus on building great products. WhiteSource fully automates all open source management needs: component detection, security vulnerability alerts, license risk and compliance analysis along with policy enforcement and new version alerts. Designed for engineering executives and security officers, a complete suite of control, reporting and management tools make managing open source truly effortless.