Blog

  • whitesource-software-development

    We all constantly face the challenge of reducing time-to-market to ensure our company will not lose market share. This challenge has made time the most valuable resource for every software development team leader and manager. We all try to meet the crazy timelines for product releases and in order to meet this goal, we always…


  • APACHE-STRUTS-VULENRABILITY-WHITESOURCE

    Another open source security vulnerability was discovered in a popular open source project. This time it's Apache Struts 2, and this is yet another Remote Code Execution (RCE) vulnerability that adds to a long list of severe vulnerabilities in Apache Struts. What makes things worse is that this vulnerability has been actively exploited in…


  • known security vulnerabilities

    Forbes Insights and BMC recently released their second annual security survey, which stated that known security vulnerabilities are still the leading cause of exposure to data breaches and cyber threats.

    I was genuinely amazed to hear the surprised feedback from many software security professionals wondering how that can be the case.


  • The Octocat That Changed The World

    23 February 2017

    By Maya Rotenberg


    The facts don’t lie. GitHub is a global giant. With around 32 million monthly visitors, this is a software-building platform unlike any other. To get a real sense of its impact, analytics site Alexa currently ranks GitHub as the 49th most popular website in the world. That’s right – after Google, Facebook, YouTube and several…


  • RASPing It Up: The What, Why and How

    16 February 2017

    By David Thompson


    Over the past few years, RASP (Runtime Application Self-Protection) has become a hot topic of discussion among S&R professionals. Recent market research predicts that the global RASP security market will witness tremendous growth and will post a CAGR of nearly 44% between 2016 and 2020.

    This seems like a good time to take a look at RASP basics: What is RASP? Why do developers need it? Does it live up to the hype?


  • Back to Heartbleed. Three Years Later.

    8 February 2017

    By Rami Sass


    New Year’s Eve. The tangible electricity in the air. The unbridled optimism of a full year of new possibilities. The chance to get a little wild, and make a few mistakes. Who cares? It will all be wiped clean the next day. Well, unless you make the mistake of unleashing the most calamitous open source…


  • Getting Jiggy With the Open Source Community

    2 February 2017

    By David Thompson


    Open source has long been an integral part of how software teams build software, but the majority of us are still not leveraging all the benefits the open source community has to offer by effectively engaging with it. Most companies, knowingly or not, are passing up a golden opportunity to improve their software products and…


  • open source audit

    Open Source Audit. Three words that can make a big difference to the continued success of your organization.

    But when is the right time to start one, and why is it so important anyhow?

    Find the answers to these questions and more in this week’s post.


  • White Hat Hacking – Not What You Expect

    19 January 2017

    By Patricia Johnson


    Shellshock. Dirty Cow. Drown.

    When it comes to finding nasty security vulnerabilities such as the above in the open source projects we all know and love, White Hats provide project managers with an important service.

    But what motivates White Hat hackers to take the time to prod and probe our software, looking for bugs? Money? Fame? Glory? Well, you might be surprised that it's something else entirely.


  • open source software licenses

    With the recent WordPress-Wix fiasco and Oracle and Google's never-ending battle over Java's APIs, copyleft open source software licenses remain a hot topic.

    To understand which way the wind is blowing with regard to open source licenses, we here at WhiteSource decided to conduct comprehensive research into which license types are currently in use by the community.

