Welcome To WhiteSource Resource Center

Read about application security, DevSecOps, open source license compliance and audit

Our Latest Content

Selecting Technology Solution To Comply With OpenChain ISO Standard

OpenChain ISO/IEC 5230 is the International Standard for open source license compliance. Its relevance to modern software development is growing and it allows companies of all sizes and in all sectors to adopt the key requirements of a quality open source compliance program. The need to manage the software supply chain has never been more important given the ever-increasing dependence on third party...

Tackling Open Source Governance in the Enterprise

The growing scale of Open Source adoption requires organizations to invest in implementing the right tool sets and processes to govern an increasingly complex Open Source licensing landscape, as well as minimize the potential legal risks. The application of these policies and processes can be collectively referred to as an Open Source Governance framework. Investing...

PCI Software Security Framework: All You Need to Know

The goal of the PCI Software Security Framework is to provide developers of payment applications better security guidelines while providing the companies using payment applications with better tools to assess the security of the software they are using. In many ways, this framework is similar in intent to the Payment Application Data Security Standard (PCI...

Hitting Snooze on Alert Fatigue in Application Security

Medical devices, subway car doors, severe weather warnings, heavy machinery, car alarms, software security alerts. They all notify you to indicate that something is wrong so that you can take action to prevent harm. Hospital monitors can detect a wide range of issues, from an incorrect dose of medication to an irregular heartbeat and beyond....

How to Reduce Enterprise Application Security Risk

WhiteSource, in conjunction with Ponemon Institute, recently surveyed over 600 IT and IT security practitioners who are familiar with their organizations’ approach to securing applications – and here’s a spoiler: the highest level of security risk is considered by many organizations to be in the application layer. So what can Enterprise organizations do to reduce...