Blog

  • Open Source Software Licenses Trends

    12 January 2017

    By Sivan Michaeli


    With the recent WordPress-Wix fiasco and Oracle and Google’s never-ending battle over Java’s APIs, copyleft open source software licenses remain a hot topic.

    To understand which way the wind is blowing with regard to open source licenses, we here at WhiteSource decided to conduct comprehensive research into which license types are currently in use by the community.


  • open source logos

    Ever wanted to know the stories behind the logos of some of our favorite open source tools and technologies out there? Well, we here at WhiteSource are all about open source!

    In this week’s post, we’ve done a bit of digging, and found the meaning behind some of the logos we all know and love.


  • PHPMailer vulnerability

    If you don’t think you’ve used PHPMailer, you’re probably wrong. In fact, 9 million sites out there use the code libraries to handle such tasks as submitting emails, registration forms, password reset emails, etc.

    So you might not be too pleased to hear that a vulnerability has been discovered affecting one of the libraries’ components, leaving millions of websites open to attack.

    Are you affected, and what should you do if you are? Read more to find out.


  • application security testing

    With around 85% of all cyber-attacks happening at the application layer, it’s clear that application security testing should be a serious priority for all organizations, big and small. But why are application-level attacks so common?

    More importantly, what security testing tools are on offer to protect your applications, and in which stages of your SDLC should you use them?


  • Open Source Compliance: The Carrot and the Stick

    8 December 2016

    By Patricia Johnson


    Open source has become central to how companies develop software products, as it dramatically reduces time to market. The surprising thing is that, despite its high usage and popularity, many people in our industry are still nervous when it comes to using open source, especially around open source compliance.

    This hesitance stems mainly from a misunderstanding of how open source compliance is enforced. So, what can we as a community do to allay their fears and promote the benefits of open source compliance?


  • story open source management

    A day in the life of Dave and Mike

    Dave is a lean, mean, highly organized machine, whereas Mike is more relaxed about his affairs. Consequently, you can probably guess who’s usually ahead of the curve when it comes to dealing with challenging situations.

    Believe it or not, these two guys can tell us a lot about the benefits of using an automated open source management solution.


  • scanners2

    Back in 2002, a startup named Black Duck Software pioneered an automated way to search for and identify open source code that was introduced by developers. In a nutshell, the method was based on scanning the code and identifying pieces of code (aka snippets) that resemble code that appears in known open source components. The user is then alerted to the similarity and should check each such instance. Soon, a few other vendors offered a code scanning solution to the open source discovery challenge (e.g., Protecode, Palamida, and Open Logic).

    Over time, it became clear that scanning is not as easy and automated as one may think. In addition, this technology no longer fits with today’s agile development environment.


  • The Five Founding Fathers of Open Source

    22 November 2016

    By Sivan Michaeli


    It’s that time of year again, Thanksgiving!

    Just as we remember our forefathers who came to the New World in search of freedom, let’s spare a thought for those Open Source pioneers who helped secure the freedom to use, edit and distribute software that we all enjoy today.


  • manualvsautomatic

    Do you remember how, in high school, all the cool kids seemed to be speaking in their own code? Well, it’s a bit like that in DevOps circles today.

    Everybody’s talking about Continuous Integration this, Continuous Deployment that. And who knows, you might even hear some people mentioning Application Release Automation.

    But how do you know they’re ‘walking the walk’ when it comes to doing DevOps, and not just ‘talking the talk’?


  • IoT Attacks – Rise of the Machines

    10 November 2016

    By Jason Levy


    The number of IoT devices is rising, and rising fast. In fact, it’s predicted that by 2020 we’ll have over 34 billion such devices!

    However, this growth in IoT devices is not being accompanied by an improvement in cyber security standards, which has resulted in some pretty nasty IoT attacks of late.

    Therefore, without an improvement in cyber security standards, are we witnessing the rise of the machines?

