New Generation Open Source License Management.



In today’s competitive business environment, using Open Source Software (OSS) is mandatory. However, improper use of OSS may result in substantial legal, business, and technical risks. To keep away from such risks, software developers must track their open source components, be aware of their risks,and ensure compliance with their licenses.
WhiteSource makes it easy for commercial software developers to keep track of OSS components, their licenses, risks, and requirements, and do so in an affordable fashion and without burdening developers.


  • Automatically detect new OSS, including all dependences
  • Detect new OSS as soon as it is added by developers, through plug-ins to your build and CI server. Identify the licenses involved, down to the last dependency.
  • Ensure that all new OSS conform to policies and best practice
  • Automatically verify new OSS conforms to your acceptance policy. Start an approval workflow, if necessary, informing decision makers of all license information, risks, and requirements. If unapproved, stop immediately to prevent wasteful development effort.
  • Properly manage your open source inventory
  • Keep track of all OSS libraries in use in each of your projects. In a click of a button, produce full reports for customers, auditors, OEM partners, M&A, etc.
  • Be notified when a security vulnerability, or another bug is fixed
  • We will alert you whenever a new release is available for any of the OSS you use, so that you are aware of fixes to security vulnerabilities, performance issues, and other bugs.
  • Modern, cost effective cloud-based service
  • Nothing to deploy. Nothing to customize. All information is always current. No training needed (modern and intuitive UI). Your proprietary code is not loaded to the cloud, and your data is properly encrypted and secured. (On-premise deployment is an option).

Why do you need a new generation OSS lifecycle management solution?
You have to manage your OSS inventory and licenses. But you don’t have to burden your developers with heavy process. You also don’t have to send your developers sifting through thousands of false positives generated by a post-hoc scanner. Anyway, it can be costly if your developers are forced to replace an OSS they relied on. And of course, don’t you want to be the first to know of security issues (especially if fixes are available)?

White Source’s continuous OSS lifecycle management solution is comprehensive, yet easy to use. Ensures proper management and compliance, yet does not burden your developers. It is free to try, and very affordable to use.


Rate this application