Blog

  • Are you ready for NIST 800-171?

    In a move that is likely to raise the blood pressure for more than a few security professionals up a couple points, the U. S. federal government has now determined that companies need to take responsibility for the applications that they use for handling and storing people’s data. In June of 2015, the U.S. National…


    Read More
  • Leading and Adopting DevOps in Your Organization You’ve just been given the responsibility to lead a DevOps transformation in your organization. Where do you begin? How will you approach the situation? What will you start or stop doing? What are your goals? Luckily for you, many people and organizations, both large and small, have already…


    Read More
  • What are the top vulnerabilities hit our favorite open source projects this December?   While all you hard working folks have hopefully been taking advantage of the jolly month of December for much-needed Christmas and New Years vacations and/or celebrations, our database has continued to aggregate open source projects and vulnerabilities. Since publishing our Top…


    Read More
  • CISO’s: Are you ready to ring in 2018?   As we begin to arise from our Christmas food comas, and a moment before we make sure that our liquor cabinets are stocked and the champagne is on ice, this is a great time to jot down some of our priorities for the year ahead. If…


    Read More
  • Whether you love it or hate it, the holiday season is officially here. Your inbox is clogged with holiday offers, you’ve heard Michael Buble’s “Jingle Bells” one too many times, and you’re scrambling to finish your shopping so as not to endure one more mind-numbing line at your local mall. We can’t help with the…



    Read More
  • Top 10 Security Vulnerabilities of 2017

    13 December 2017

    By Gabriel Avner

    It’s been quite a year. Do you still have any of these vulnerabilities in your products? Application security, and the open source vulnerabilities that can threaten it, were front of mind for many in the software world this year, especially in the wake of the Equifax fiasco. For as surreal as that incident was, seeing…


    Read More
  • Open Source Legal Trends During 2017

    The open source community prefers to keep disputes and enforcement out of the courts. Is 2018 likely to take us in a new direction? The freedom to code, contribute, and collaborate is a core ideal of the open source community. As such, there is a strong preference to keep disputes out of the courts whenever…


    Read More
  • OWASP puts the cart before the horse when it comes to how you keep your data safe The Open Web Application Security Project (OWASP) finally released the third — and possibly final — version of their much vaunted Top 10 list for 2017 detailing the vulnerabilities that are considered to be the most pernicious throughout…



    Read More
  • Thanksgiving is upon us! Filled with food, family, and hopefully some football — let’s go Seahawks — Thanksgiving is the time when families gather and talk about what they are thankful for. Here at WhiteSource, we are grateful for all the efforts that the open source community puts in to help others build innovative products…


    Read More
  • Software organizations are under tremendous pressure to deliver innovative products and ship updates fast.  To keep up with the competitive and ever-rapid release schedule, many software teams are adopting the DevOps model for its increased efficiency and agility. Companies that are required to innovate and stick to tight release timelines are learning that a well-planned…


    Read More