Prioritize Open Source Vulnerabilities in Your Software

Powerful Prioritization That Saves Critical Remediation Resources

The sharp rise in reported open source vulnerabilities in recent years presents software development and security teams with new challenges.
Teams can no longer fix all bugs and remain on schedule, and prioritization is quickly becoming a necessity in order to focus limited remediation resources on the most critical issues.

Effective Usage Analysis technology helps teams to do just that – prioritize.
It scans open source components with known vulnerabilities to assess their security impact on your software. Prioritization is based on whether your proprietary code makes calls to the vulnerable method; a vulnerability that is called in this way is considered effective.

Our research shows only 15% to 30% of vulnerabilities are indeed effective, so your team can easily focus on remediating the vulnerabilities that matter the most.

HOW DOES IT WORK?

Prioritize Based on Effectiveness

Each vulnerability's effectiveness level is displayed with shield icons.
The summary pane displays the number of libraries analyzed, their severity, and how many are effective.
The Analysis Statistics section at the bottom displays the percentage of libraries analyzed, and the number of effective and non-effective security alerts.


Optimize Remediation Processes

When an effective vulnerability is identified, a detailed call graph presents the complete paths from the proprietary code to the vulnerable functionality.
This pinpoints the exact location of the vulnerable functionality and the path that leads to it.
The call graph shows developers where a reference occurs, including filename, class name, and line in the code.
These details considerably shorten review and remediation time, saving precious resources, and help organizations fix their critical vulnerabilities faster.
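The reachability check described above can be sketched as a breadth-first search over a call graph. This is an added example, not WhiteSource's implementation: the call graph, package names, alert IDs, and the com.acme. prefix used to mark proprietary code are all constructed, and it reports only the shortest path from any proprietary method rather than every path.

```python
from collections import deque

# Constructed call graph: caller -> [(callee, file, line of the call site)].
CALL_GRAPH = {
    "com.acme.web.UploadController.handle": [
        ("com.acme.util.ArchiveHelper.unpack", "UploadController.java", 42)],
    "com.acme.util.ArchiveHelper.unpack": [
        ("org.example.zip.ZipReader.extractAll", "ArchiveHelper.java", 17)],
    "com.acme.report.ReportJob.run": [
        ("org.example.pdf.PdfWriter.write", "ReportJob.java", 88)],
    "org.example.zip.ZipReader.extractAll": [
        ("org.example.zip.ZipReader.resolveEntryPath", "ZipReader.java", 230)],
}
PROPRIETARY_PREFIX = "com.acme."  # assumption: how proprietary code is identified

# Constructed alerts: placeholder alert id -> vulnerable method in a library.
ALERTS = {
    "ALERT-ZIP-1": "org.example.zip.ZipReader.resolveEntryPath",
    "ALERT-PDF-2": "org.example.pdf.PdfWriter.embedFont",
}

def find_path(graph, roots, target):
    """Return the shortest chain of call sites from any root to target, or None."""
    queue = deque((root, []) for root in roots)
    seen = set(roots)
    while queue:
        method, path = queue.popleft()
        if method == target:
            return path
        for callee, filename, line in graph.get(method, []):
            if callee not in seen:  # also guards against recursion cycles
                seen.add(callee)
                queue.append((callee, path + [(method, callee, filename, line)]))
    return None

def triage(graph, alerts, prefix):
    """Map each alert to its call path, or None when the method is unreachable."""
    roots = sorted(m for m in graph if m.startswith(prefix))
    return {aid: find_path(graph, roots, method) for aid, method in alerts.items()}

def effective_alerts(graph, alerts, prefix):
    """Alert ids whose vulnerable method is reachable from proprietary code."""
    return sorted(a for a, p in triage(graph, alerts, prefix).items() if p is not None)

if __name__ == "__main__":
    for alert_id, path in triage(CALL_GRAPH, ALERTS, PROPRIETARY_PREFIX).items():
        print(alert_id, "effective" if path is not None else "not effective")
        for caller, callee, filename, line in path or []:
            print(f"  {filename}:{line}  {caller} -> {callee}")
```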

Simplify Vulnerability Remediation With Effective Usage Analysis

Reduce Security Alerts by 70%-85%

Significantly reduce the number of vulnerabilities by focusing on the effective ones first

Speed Up Remediation Processes

Detailed call graphs pinpointing the path to the vulnerability will speed up remediation time

Improve Collaboration Between Teams

Use effectiveness as an objective indicator that determines the impact of a security vulnerability, to minimize friction between security and developers

Learn More About WhiteSource

Discover how WhiteSource helps simplify the management of open source components in your software.
