WhiteSource achieved Amazon Web Services DevOps Competency Status

July 18, 2019 Shiri Ivtsan

I’m excited to share that we’ve taken our partnership with Amazon Web Services to the next level, becoming the proud recipient of the respected Amazon Web Services DevOps Competency Status. 

The AWS DevOps Competency status provides us with the stamp of approval of being an AWS Partner Network (APN) member. AWS has determined that we have achieved deep expertise on AWS and that we can help our customers maximize all of the business benefits that AWS offers. AWS recognizes WhiteSource as a leading solution that enables software organizations to manage their open source components and ensure open source security and license compliance seamlessly throughout the DevOps lifecycle on AWS. 

This is a great opportunity for WhiteSource to integrate more comprehensively into the AWS ecosystem, helping more software organizations to easily manage their open source security and compliance throughout their DevOps pipeline. As part of this partnership, we will now have access to a variety of tools, training, and support that will help us continue to innovate and build our technology on AWS.

Earning AWS DevOps Competency Status

Becoming a part of the AWS Partner Network is no easy feat, and a challenge that we were ready to take on to prove that we can stand beside some of the top leaders in the software development industry to support companies throughout their Cloud Adoption Journey. 

In order to receive AWS DevOps Competency status, WhiteSource needed to demonstrate how we support large scale deployment of our product to help our customers improve their application testing and build. 

By bestowing upon WhiteSource DevOps Competency status, AWS verifies that our documentation covers integration with AWS, and that the WhiteSource solution on AWS offers features and tools that are critical to infrastructure as code and configuration management. We demonstrated how WhiteSource integrates with AWS services to help organizations manage their infrastructure as code by enabling them to manage their open source usage throughout the development lifecycle. This includes application configurations, infrastructure policies, operating systems, servers, and even containers. 

One example of WhiteSource in action is how we enable customers to create automated workflows according to policies that they can define on the platform. As soon as a security or compliance issue is discovered in their software projects, it triggers a process to ensure that the issue is addressed and remediated as early as possible. 

Another important part of receiving competency status is to demonstrate that our technology supports the CI/CD practices that are essential to a successful DevOps organization. We were required to show how we help our customers build, test, and deploy their AWS-based applications, all without having to sacrifice speed or quality. Many of our customers use policies to implement automated processes within the CI/CD phase to ensure vulnerable open source components are flagged and addressed early. They appreciate governance features that ensure the security of their code, including the ability to fail the build when a certain open source component is found to be incompliant with a company’s open source policies. 

In addition, we needed to show how WhiteSource monitors our customers' applications to alert them on the metrics of their open source usage, delivering a variety of reporting options to help them gain valuable insight into their open source inventory, security, and licensing compliance. DevOps, Security, and Development team leads depend on our security report to get a clear and comprehensive overview of their open source security status. This helps them ensure that they are on top of their KPIs and winning on their DevOps Journey.

Our Continued Partnership with AWS

Since first partnering with AWS, WhiteSource has been available on AWS marketplaceintegrating seamlessly with some of AWS’s top DevOps tools — including AWS Codebuild, AWS EKS, AWS ECR, and AWS Lambda — to enable AWS users full visibility and control over their open source usage throughout the DevOps pipeline, across a variety of environments including serverless and containers. 

Becoming an APN member helps us further enhance this partnership so that we can continue achieving our goal of helping software development organizations across all industries and verticals to use open source components freely and fearlessly, without compromising on speed, security, or quality. 

 
Previous Article
Security Automation: Where Does It Fit In Your Secure SDLC?
Security Automation: Where Does It Fit In Your Secure SDLC?

Next Article
Secure Coding: A Practical Guide
Secure Coding: A Practical Guide