Blog

  • The Octocat That Changed The World

    23 February 2017

    By Maya Rotenberg

    GitHub impact



  • RASPing It Up: The What, Why and How

    16 February 2017

    By David Thompson


    Over the past few years, RASP (Runtime Application Self-Protection) has become a hot topic of discussion among S&R professionals. Recent market research predicts that the global RASP security market will witness tremendous growth and will post a CAGR of nearly 44% between 2016 and 2020.

    This seems like a good time to take a look at RASP basics: What is RASP? Why do developers need it? Does it live up to the hype?


  • Back to Heartbleed. Three Years Later.

    8 February 2017

    By Rami Sass

    Heartbleed

    New Year’s Eve. The tangible electricity in the air. The unbridled optimism of a full year of new possibilities. The chance to get a little wild, and make a few mistakes. Who cares? It will all be wiped clean the next day. Well, unless you make the mistake of unleashing the most calamitous open source…


  • Getting Jiggy With the Open Source Community

    2 February 2017

    By David Thompson

    Open Source Community

    Open source has long been an integral part of how software teams build software, but the majority of us are still not leveraging all the benefits the open source community has to offer by effectively engaging with it. Most companies, knowingly or not, are passing up a golden opportunity to improve their software products and…


  • open source audit

    Open Source Audit. Three words that can make a big difference to the continued success of your organization.

    But when is the right time to start one, and why is it so important anyhow?

    Find the answers to these questions and more in this week’s post.


  • White Hat Hacking – Not What You Expect

    19 January 2017

    By Patricia Johnson

    white hat hackers

    Shellshock. Dirty Cow. Drown.

    When it comes to finding nasty security vulnerabilities such as the above in the open source projects we all know and love, White Hats provide project managers with an important service.

    But what motivates White Hat hackers to take the time to prod and probe our software, looking for bugs? Money? Fame? Glory? Well, you might be surprised to learn that it’s something else entirely.


  • open source software licenses

    With the recent WordPress-Wix fiasco and the never-ending battle between Oracle and Google over Java’s APIs, copyleft open source software licenses remain a hot topic.

    To understand which way the wind is blowing with regard to open source licenses, we here at WhiteSource decided to conduct comprehensive research into which license types are currently in use by the community.


  • open source logos

    Ever wanted to know the stories behind the logos of some of our favorite open source tools and technologies out there? Well, we here at WhiteSource are all about open source!

    In this week’s post, we’ve done a bit of digging, and found the meaning behind some of the logos we all know and love.


  • PHPMailer vulnerability

    If you don’t think you’ve used PHPMailer, you’re probably wrong. In fact, 9 million sites out there use the code libraries to handle such tasks as submitting emails, registration forms, password email resets, etc.

    Consequently, you might not be too pleased to hear that a vulnerability has been discovered affecting one of the libraries’ components, leaving millions of websites open to attack.

    Are you affected, and what should you do if you are? Read more to find out.


  • application security testing

    With around 85% of all cyber-attacks happening at the application layer, it’s clear that application security testing should be a serious priority for all organizations, big and small. But why are application-level attacks so common?

    More importantly, what security testing tools are on offer to protect your applications, and in which stages of your SDLC should you use them?

