Effective Usage Analysis
As open source usage has become more popular, and the awareness surrounding the security of open source projects has increased due to highly publicized vulnerabilities and breaches, the number of reported open source vulnerabilities has also grown rapidly within the last 18 months. Software composition analysis tools are helping teams detect these vulnerabilities, but unfortunately teams are still tasked with the challenge of tackling open source vulnerabilities while still maintaining an agile development process. While traditional Software Composition Analysis (SCA) tools facilitate detection and tracking of vulnerable open source components, organizations are often incapable of accommodating the sheer amount of vulnerabilities and seek ways to prioritize security alerts and improve the remediation process. This is why WhiteSource created Effective Usage Analysis. Effective Usage Analysis uses trace analysis to pinpoint the location vulnerabilities and is the first technology to equip developer teams with the information necessary to prioritize vulnerabilities based on its impact on the proprietary code (user code), leading to a staggering 70% to 85% reduction in open source security alerts and providing usage analysis with actionable insights that supports shorter time to remediation. This groundbreaking technology establishes if vulnerable open source code is referenced by proprietary code and identifies where that happens in the code. This information allows organizations to determine whether reported vulnerabilities constitute a real risk and provides them with the resources to take appropriate action.
Press and media coverage
https://www.linuxinsider.com/story/85354.html https://sdtimes.com/os/sd-times-news-digest-whitesources-software-composition-analysis-maprs-ai-training-program-and-mariadb-tx-3-0/ https://www.forbes.com/sites/theyec/2018/11/20/software-composition-analysis-startups-investors-are-looking-for-these-three-qualities/#264364cb69ef https://www.cbronline.com/news/security-improving-open-source-software https://www.prnewswire.com/news-releases/whitesource-launches-next-generation-software-composition-analysis-technology-for-prioritizing-open-source-security-alerts-300652477.html