WhiteSource Software

Open source security and licenses compliance

4.2 /5 (5 reviews) Write a Review!

WhiteSource Software Overview

What is WhiteSource Software?

WhiteSource is the leading solution for agile open source security and license compliance management.
It integrates with your development environments and DevOps pipeline to detect open source libraries with security or compliance issues in real-time.

WhiteSource doesn’t only alert on issues, it also provides actionable, validated remediation paths to enable quick resolution and automated policy enforcement to speed up time-to-fix. It also helps you focus on what matters by prioritizing remediation based on whether your code is actually using a vulnerable method or not, and gu aranteeing zero false positives.

We've got you covered with support for over 200 programming languages, and continuous tracking of multiple open source vulnerabilities databases including the NVD, security advisories, peer-reviewed vulnerability knowledge bases, and open source projects issue trackers.

WhiteSource Software Overview

Pricing

Starting from
N/A

Pricing options

Free Trial
Subscription
Value for money

Starting at $4,000 a year, based on contributing developers, get our pricing here: https://whitesourcesoftware.com/pricing


WhiteSource Software Features

Devices
Business size
S M L
Markets
United States, Canada, United Kingdom, Australia, China and 3 others, India, Japan, Germany
Supported Languages
English, French, German, Hebrew

Media

WhiteSource Software video

WhiteSource Software Reviews

WhiteSource Software Reviews

Overall rating
4.2
/
5
Excellent
3

Very good
1

Average
0

Poor
1

Terrible
0

Value for Money
1
Features
3
Ease of Use
3.7
Customer Support
4.7
80% recommended this app
Udi M.

FOSS lifecycle management with Whitesource

Using Whitesource to manage the process of analysing FOSS for a large product with hundreds of opensource dependencies.
Makes life much easier and helps you cover all dependencies much more accurately.

Some processes are still a bit course (though improved dramatically over the past 18 months)
Refresh performance might be a bit slow when there are very large dependency lists.

Best product out there for FOSS lifecycle management


Shaul S.

work with it for a long time still place to improve.

It aggregates my licenses in one centralized place. The software helps me to generate the reports for many requests that I have inside my organization. It also helps me to identify the changes between versions and compare them.


Don T.

Tons of false positives, prepare to spend hours fixing it manually

After much manual configuration, a nicely formatted output that looks reputable. I could have just made my own in excel a lot faster.


John mcintire

Easy to use. Saves tons of time.

We used to document it all manually. Now its done easily and effectively. Not to mention that we missed many things, so with this we were able to fix some small issues before they become big issues....


Alice akins

License Management in the cloud

I use the free cloud based service of White Source and it is pretty well done. Things get done quickly and easy and the software helps me to track open source licences. There is nothing to complain about it!


Udi M.

FOSS lifecycle management with Whitesource

Reviewed on 10/11/2015
Review Source: Capterra

Using Whitesource to manage the process of analysing FOSS for a large product with hundreds of opensource dependencies.
Makes life much easier and helps you cover all dependencies much more accurately.

Some processes are still a bit course (though improved dramatically over the past 18 months)
Refresh performance might be a bit slow when there are very large dependency lists.

Best product out there for FOSS lifecycle management

Rating breakdown

Ease of Use
Customer Support

Shaul S.

work with it for a long time still place to improve.

Reviewed on 10/11/2015
Review Source: Capterra

It aggregates my licenses in one centralized place. The software helps me to generate the reports for many requests that I have inside my organization. It also helps me to identify the changes between versions and compare them.

Rating breakdown

Ease of Use
Customer Support

Don T.

Tons of false positives, prepare to spend hours fixing it manually

Used Other for 1-5 months
Reviewed on 7/06/2018
Review Source: Capterra

After much manual configuration, a nicely formatted output that looks reputable. I could have just made my own in excel a lot faster.

Pros

Fast, quick reviews of your code. They do a good job of putting all the relevant reports and dashboards in front of you quickly. Once you manually fix everything, it can look really good.

Cons

The false positives are awful. I had to spend hours and hours manually fixing everything it mis-identified - dozens of libraries and thousands of source files. If you use a library not in its database... too bad. You can make a support request and wait for them to enter it for you, whenever they get around to it.
The search is pretty awful. There is some kind of syntax to using it but when I asked our account rep, she couldn't give me any documentation on it. You will frequently see results like "openssl-v0_9_8" in your search, but if you type "openssl" it will vanish and not come up. Don't ever both trying to search for a version, it doesn't work. This results in a lot of time scrolling through very large lists. Naming schemes are random and follow no established pattern.
For a good half of all libraries, they have not assigned a license. Guess who gets to go google search them all? You, the user! Isn't the point of this tool to help me identify the licensing?
UI navigation is challenging. Back button will take you to a different place than you were almost every time. You'll love the dashboard... because you have to go back to it roughly every 5 minutes and start over.
No great system for notes/todos/reminders. When you have to fix 60 libraries, it's hard to remember what you want to do with each one.

Rating breakdown

Value for Money
Ease of Use
Customer Support

Likelihood to recommend: 1.0/10

John mcintire

Easy to use. Saves tons of time.

Reviewed on 28/05/2013
Review Source: GetApp

We used to document it all manually. Now its done easily and effectively. Not to mention that we missed many things, so with this we were able to fix some small issues before they become big issues....

Pros

easy
inexpensive
very comprehensive
no more hassle

Alice akins

License Management in the cloud

Reviewed on 17/09/2012
Review Source: GetApp

I use the free cloud based service of White Source and it is pretty well done. Things get done quickly and easy and the software helps me to track open source licences. There is nothing to complain about it!

User recommendation
1/10
Based on 5 user ratings
Compare user recommendation rating with alternatives
Compare with alternatives

WhiteSource Software Pricing

WhiteSource Software Pricing

Starting from
N/A
Free Trial
Subscription
Value for money

Starting at $4,000 a year, based on contributing developers, get our pricing here: https://whitesourcesoftware.com/pricing

Starting at $4,000 a year, based on contributing developers, get our pricing here: https://whitesourcesoftware.com/pricing

Value for Money
1/5
Based on 5 user ratings
Compare value for money rating with alternatives
Compare with alternatives

WhiteSource Software Features

WhiteSource Software Features

API
Access Control
Activity Dashboard
Activity Tracking
Alerts / Escalation
Auditing
Automatic Notifications
Collaboration Tools
Compliance Management
Data Import/Export
Data Visualisation
Drag & Drop Interface
Monitoring
Real Time Data
Real Time Monitoring
Reporting & Statistics
Search Functionality
Third Party Integration
User Management
Workflow Management
Features
3/5
Based on 5 user ratings
Compare features rating with alternatives
Compare with alternatives

Categories

Additional information for WhiteSource Software

Additional information for WhiteSource Software

Key features of WhiteSource Software

  • Automated Policies- Premium Feature
  • Automatic License Information Retrieval
  • Conditional Approval- Premium Feature
  • Free, Cloud-Based Service
  • Instant Audits
  • New Version Alerts- Premium Feature
  • Open Source Inventory Management
  • Organizational Licenses Report- Premium Feature
  • Privacy
  • Request and Approval Workflows
  • Risk Analysis
  • Risk and Task Management Dashboard

Benefits

- Find and fix open source vulnerabilities, in real time
- Prioritize vulnerabilities based on effectiveness
- Inventory management
- Open source license compliance
- Enforce policies automatically and create reports for all teams: security, DevOps, legal and management
- Supports due diligence, OEM or M&A

WhiteSource Software FAQs

WhiteSource Software FAQs

Below are some frequently asked questions for WhiteSource Software.

Q. What type of pricing plans does WhiteSource Software offer?

WhiteSource Software offers the following pricing plans:

Pricing model: Subscription

Free Trial: Available

Starting at $4,000 a year, based on contributing developers, get our pricing here: https://whitesourcesoftware.com/pricing

Q. What are the main features of WhiteSource Software?

WhiteSource Software offers the following features:

  • Automated Policies- Premium Feature
  • Automatic License Information Retrieval
  • Conditional Approval- Premium Feature
  • Free, Cloud-Based Service
  • Instant Audits
  • New Version Alerts- Premium Feature
  • Open Source Inventory Management
  • Organizational Licenses Report- Premium Feature
  • Privacy
  • Request and Approval Workflows
  • Risk Analysis
  • Risk and Task Management Dashboard

Q. Who are the typical users of WhiteSource Software?

WhiteSource Software has the following typical customers:

Small Business, Large Enterprises, Mid Size Business

Q. What languages does WhiteSource Software support?

WhiteSource Software supports the following languages:

English, French, German, Hebrew

Q. What type of pricing plans does WhiteSource Software offer?

WhiteSource Software has the following pricing plans:

Subscription

Q. Does WhiteSource Software support mobile devices?

We do not have any information about what devices WhiteSource Software supports

Q. What other apps does WhiteSource Software integrate with?

WhiteSource Software integrates with the following applications:

Bitbucket, CircleCI, Cloudbees, Docker Cloud, GitHub, GitLab, Jira, Microsoft Azure, ThreadFix, Travis CI

Q. What level of support does WhiteSource Software offer?

WhiteSource Software offers the following support options:

FAQs, Knowledge Base, Phone Support, Video Tutorials