Welcome To WhiteSource Resource Center

Read about application security, DevSecOps, open source license compliance and audit

Choose Your Type

Choose Your Topic

Our Latest Content

Gartner® Report – What to Do About Log4j?

Cybersecurity experts say that the Log4j vulnerability is perhaps the most severe flaw of its type in decades. If not addressed, it could detrimentally affect millions of pieces of software in some of the world’s largest organizations, and hundreds of millions of devices globally. What can security and application developers do to identify and mitigate...

How to Build a Threat Model for Kubernetes Systems

As Kubernetes adoption grows, its attack surface expands with it, allowing bad actors to find and exploit vulnerabilities in the cloud-native stack. In addition, the complexity of Kubernetes and the lack of proper security controls make the attacks targeting Kubernetes clusters and containers hosted in them a real risk for organizations. With the threat landscape...