Welcome To WhiteSource Resource Center

Read about application security, DevSecOps, open source license compliance and audit

Choose Your Type

Choose Your Topic

Our Latest Content

Why Open Source Dependencies Are Your Blind Spot?

Few years ago, JavaScript developers worldwide saw their applications failing to build or compile. It was soon learned that the outages were due to a developer pulling his packages out of npm, a dependency manager for JavaScript. The unpublished packages included an 11-line left-pad function that was downloaded 2.5 million times in the month prior...