Open source security leader continues to support developers within their native environments, releasing an integration for vulnerability management within the Bitbucket UI
WhiteSource, the leader in open source security and license compliance management, announced today a new integration with Atlassian Bitbucket Server, the on-premises version control Git repository management solution. The new developer-focused integration issues real-time alerts within the Bitbucket UI on open source vulnerabilities and automatically generates fix pull requests (PR) to help speed up the remediation process.
The new WhiteSource Bitbucket Server Integration enables developers to find and fix vulnerable open source components early in the development process, supporting application security and speeding up the pace of development. The new application detects open source components in each repository, alerts on vulnerable components in real-time, and combined with Code Insights for Bitbucket Server, provides detailed information about the vulnerabilities to help developers make informed decisions about remediation. It also enforces organizational open source security policies automatically and generates automatic pull requests (PR) to fix open source security vulnerabilities.
The WhiteSource Bitbucket Server Integration is the most recent collaboration between WhiteSource and Bitbucket. It is available on the Atlassian Bitbucket Marketplace where it joins other WhiteSource integrations with Atlassian products such as Jira, Bamboo, and Bitbucket Pipes. This is the third developer-focused integration offered by WhiteSource, following their GitHub and Azure DevOps partner offerings.
"The WhiteSource Bitbucket Server Integration is the latest step in our mission to help developers use open source freely and fearlessly without compromising on security or agility," said David Habusha, VP Product at WhiteSource. "Now developers can seamlessly integrate WhiteSource's solution into their Bitbucket Server environment to manage their open source usage at the speed of DevOps."