WhiteSource Helps WalkMe to Support Over 1800 Enterprises in their Digital Transformation

WalkMe pioneered the Digital Adoption Platform (DAP) used by thousands of enterprises worldwide to simplify the user experience and realize their technology investment. By combining insights, engagement, guidance, and automation capabilities, WalkMe’s mission is to make digital adoption simple for employees and customers, while increasing productivity.

Founded in 2011, WalkMe’s DAP spans all industries and verticals for onboarding, training new and existing users on new processes, and improving overall productivity by providing contextual guidance in real-time.

Products Used:

Containers

Prioritize

SAML

WalkMe’s commitment to supporting the growing number of enterprises all over the world in their digital transformation requires their engineering team to speed up software development and shorten time to market, without compromising on their application security. Considering their advanced development environment and short release cycles, ensuring security and compliance was not an easy feat.

With WalkMe’s success and global growth, the development teams grew in size to hundreds of developers and the task of managing their containerized environments and open source components became an even greater challenge. The company knew they needed to find a way to get better visibility and control over their containers in order to ensure compliance and security which is a key requirement when partnering with large enterprise companies such as the Fortune 100.

Originally they were tracking their open source usage manually, using a system of blacklisting problematic licenses and manually checking for known security vulnerabilities. Developers were required to approve new components after manually checking each component’s license against these lists, which was extremely time-consuming. WalkMe understood that in order to increase their productivity and tighten security they need to implement an automated solution.

WalkMe was looking for a solution that addressed a number of challenges. They wanted a product that could easily integrate into the entire software development process, and also support their containerized applications. Another important need was a solution that would detect compliance and security issues in both the containers’ layers: the container itself and the application deployed on it.

Within one day, WalkMe was able to install WhiteSource and integrate it into their Jenkins and Docker repo. They were able to get comprehensive real-time reports about their containerized applications’ open source inventory, including security vulnerabilities and licensing

“Our developers were spending valuable time checking open source libraries for security and compliance.” says Dror Zilberman, WalkMe DevSecOps leader. “With WhiteSource, we hit the ground running, and immediately got all the info and insights we needed to be able to ship our releases confident that our containerized applications were safe and compliant.” He added “being able to integrate WhiteSource into our environments gave us the support we needed to quickly address security issues from detection to remediation throughout our entire development cycle.”

With WhiteSource, we hit the ground running, and immediately got all the info and insights we needed to be able to ship our releases confident that our containerized applications were safe and compliant

The seamless integration with WalkMe’s existing tools and DevOps pipeline helped developers to easily consume alerts and address them without having to slow down or spread their attention across a number of platforms.

With WhiteSource, WalkMe development teams have complete visibility and control over their containers. Developers’ valuable time is freed up from the task of tracking their open source components so that they can focus on creating the innovative software that their customers rely on.

WalkMe development teams now use WhiteSource to continuously scan all packages and container images. WhiteSource detects security and compliance issues as soon as they arise, and immediately alerts them.  The open source management process extends all the way to remediation, helping them fix issues quickly, and provide their customers a high quality, secure, and innovative solution.

WalkMe’s commitment to supporting the growing number of enterprises all over the world in their digital transformation requires their engineering team to speed up software development and shorten time to market, without compromising on their application security. Considering their advanced development environment and short release cycles, ensuring security and compliance was not an easy feat.

With WalkMe’s success and global growth, the development teams grew in size to hundreds of developers and the task of managing their containerized environments and open source components became an even greater challenge. The company knew they needed to find a way to get better visibility and control over their containers in order to ensure compliance and security which is a key requirement when partnering with large enterprise companies such as the Fortune 100.

Originally they were tracking their open source usage manually, using a system of blacklisting problematic licenses and manually checking for known security vulnerabilities. Developers were required to approve new components after manually checking each component’s license against these lists, which was extremely time-consuming. WalkMe understood that in order to increase their productivity and tighten security they need to implement an automated solution.

WalkMe was looking for a solution that addressed a number of challenges. They wanted a product that could easily integrate into the entire software development process, and also support their containerized applications. Another important need was a solution that would detect compliance and security issues in both the containers’ layers: the container itself and the application deployed on it.

Within one day, WalkMe was able to install WhiteSource and integrate it into their Jenkins and Docker repo. They were able to get comprehensive real-time reports about their containerized applications’ open source inventory, including security vulnerabilities and licensing

“Our developers were spending valuable time checking open source libraries for security and compliance.” says Dror Zilberman, WalkMe DevSecOps leader. “With WhiteSource, we hit the ground running, and immediately got all the info and insights we needed to be able to ship our releases confident that our containerized applications were safe and compliant.” He added “being able to integrate WhiteSource into our environments gave us the support we needed to quickly address security issues from detection to remediation throughout our entire development cycle.”

With WhiteSource, we hit the ground running, and immediately got all the info and insights we needed to be able to ship our releases confident that our containerized applications were safe and compliant

The seamless integration with WalkMe’s existing tools and DevOps pipeline helped developers to easily consume alerts and address them without having to slow down or spread their attention across a number of platforms.

With WhiteSource, WalkMe development teams have complete visibility and control over their containers. Developers’ valuable time is freed up from the task of tracking their open source components so that they can focus on creating the innovative software that their customers rely on.

WalkMe development teams now use WhiteSource to continuously scan all packages and container images. WhiteSource detects security and compliance issues as soon as they arise, and immediately alerts them.  The open source management process extends all the way to remediation, helping them fix issues quickly, and provide their customers a high quality, secure, and innovative solution.