WhiteSource Named a Leader in Software Composition Analysis by Independent Research Firm

WhiteSource received among the highest scores in The Forrester Wave™: Software Composition Analysis Q3, 2021 report in the criteria of vulnerability identification, remediation, and breadth of coverage.

TEL AVIV AND BOSTON – August 23, 2021 – WhiteSource was evaluated alongside nine other vendors in The Forrester Wave™: Software Composition Analysis Q3, 2021 report based on three categories: Current Offering, Strategy, and Market Presence. In the evaluation, WhiteSource received the highest possible scores in open source vulnerability identification and remediation guidance, as well as 12 other criteria.

According to the report, “Customers looking to enable their dev teams with a remediation experience that addresses security, compliance, and code quality should add WhiteSource to their shortlist.”

Under Current Offering, WhiteSource received the highest scores in the criteria of remediation and breadth of coverage and among the highest scores in vulnerability identification. The Forrester report stated that “WhiteSource addresses supply chain security with its launch of Diffend, which flags malicious components.” The report noted that “The  Merge Confidence feature details a new component version’s age, adoption, and potential to break the build, giving dev teams the data to make a remediation decision faster.”

Under the Strategy category, WhiteSource received the highest possible scores in the criteria of product vision and planned enhancements. The report states that “WhiteSource’s strategy focuses on helping developers remediate issues quickly and easily and keep their code up to date.”

“We believe our position as a leader in the Forrester Wave is a testament to our remediation-centric approach, including the acquisition of Diffend and the launch of WhiteSource Cure as part of a long-term application security strategy,” said Rami Sass, Co-Founder and CEO of WhiteSource.


About WhiteSource

WhiteSource helps organizations accelerate‌ the development of secure software ‌at‌ ‌scale‌. We provide automated tools that help bridge the security knowledge gap, integrating easily into the software development life cycle and going beyond detection with a remediation-first approach. WhiteSource is built on the most comprehensive vulnerability database in the industry, providing the widest coverage for threats and attack vectors. Our solution helps enterprises like Microsoft, IBM, Comcast, Philips, and many more reduce security risk and increase the productivity of their security and development teams. For more information, visit www.whitesourcesoftware.com.



Shanie Weissman
Global Communications & Product Marketing Manager