WhiteSource Announces Support for GitHub Packages, Automates Container Security

December 4, 2019

WhiteSource can now automatically detect and fix security vulnerability in Docker images and binary packages published to GitHub Packages

TEL AVIV, IsraelNov. 13, 2019 /PRNewswire/ -- WhiteSource, the leader in open source security and license compliance management, announced today support for GitHub Packages and with it the ability to automate container security.  

GitHub customers who publish Docker images and packages to GitHub Packages can now automatically detect open source components with known vulnerabilities with WhiteSource's new GitHub Security Action

The new workflow enables GitHub customers to get security alerts on Docker images and packages within their GitHub UI, so developers can be notified on vulnerabilities in their applications earlier in the process when it is easier and quicker to fix.

"Automating Docker image and package vulnerability identification and remediation through GitHub Action and Packages will help developers and enterprises reduce time and resources spent securing their code" said Jeremy Epling, Senior Director of Product Management at GitHub. "We are happy to see WhiteSource deliver this solution through the GitHub Marketplace."

"GitHub customers can now integrate the scanning of Docker images into their CI/CD pipeline, automating the security of these images and their associated deployed containers," said David Habusha, VP Product of WhiteSource, "once scanned, the results of the scan can then be managed with WhiteSource's various industry-leading reporting, policy, and notification options."  

About WhiteSource

WhiteSource is the pioneer of open source security and license compliance management. Founded in 2011, its vision is to empower businesses to develop better software by harnessing the power of open source. WhiteSource is used by more than 800 customers worldwide, from all verticals, and sizes, including 23% of Fortune 100 companies, as well as industry leaders such as Microsoft, IBM, Comcast and many more. For more information, please visit www.WhiteSourceSoftware.com

Contact: pr@whitesourcesoftware.com

SOURCE WhiteSource

Related Links

https://www.whitesourcesoftware.com/

Previous Article
WhiteSource and Codefresh Combine Forces to Offer Built-in Open Source Management in CI/CD Pipelines
WhiteSource and Codefresh Combine Forces to Offer Built-in Open Source Management in CI/CD Pipelines

Next Article
Renovate, an Open Source Project for Software Dependency Updates, Joins the Whitesource Family
Renovate, an Open Source Project for Software Dependency Updates, Joins the Whitesource Family