Continuously Secure

Your Repos

Integrating Your Repos

Integrating security tools into the software development lifecycle (SDLC) can assist teams in detecting vulnerabilities earlier in the development process when it is easier to address them.


WhiteSource’s Repository Integration, including support for GitHub, BitBucket, and GitLab, provide developer-focused security tools that operate within the native development environment, without compromising agility. 

  • Continuous Repo Security

    Get real-time alerts, detailed info and actionable insights on vulnerable open source libraries and their dependencies within the repo UI

  • Simplified & Quick Remediation

    Remediate quickly with automatic pull requests that contain verified suggested fixes for vulnerable libraries

  • Native Workflow Integration

    Enforcing security policies with automated workflows that can track your repos and remediate vulnerabilities

How Does It Work?


How Does it Work

On every push to your repository, WhiteSource will scan your code and alert you on any security vulnerabilities being introduced by your open source components.


When the scan concludes, WhiteSource will create an Issue pertaining to each new security vulnerability introduced into your repository, with details regarding the library, the vulnerability, and possible fixes.


WhiteSource will also automatically detect newly published vulnerabilities affecting any of your existing dependencies, ensuring full coverage for all of your dependencies, both new and existing.


In addition, One of WhiteSource for GitLab’s most advanced features is WhiteSource Remediate. WhiteSource Remediate will automatically open fix Merge Requests, enabling developers to remediate vulnerabilities in a single click.

See why WhiteSource is named a leader in the Forrester Wave SCA Report, Q2 2019

Get Started With Your Free Trial Today

  • No installation required.
  • Unlimited reports and full access to all features.
  • Free technical support during your trial.
  • To start, we’ll contact you for a quick set up call to create your account. You’ll be able to start running immediately after.