WhiteSource

Mend Research Reveals 33 Percent Growth of Open-Source Vulnerabilities

Retrieved on: 
Thursday, December 15, 2022
WhiteSource, TEL, Acceleration, MEND, Data collection, Renovation, Attack, NVD, RubyGems, Growth, Risk, Telemetry, Organization, Medical device, Risk management

TEL AVIV, Israel and BOSTON, Dec. 15, 2022 /PRNewswire/ -- Mend, a leader in application security, launched its Open Source Risk Report today that reveals the significant risk posed by the ongoing rise in open source vulnerabilities and software supply chain attacks. According to the report, the number of open source vulnerabilities that Mend identified and added to its vulnerability database in the first nine months of 2022 was 33 percent greater than the first nine months of 2021, reflecting both the growth in the number of published open source packages and the acceleration of vulnerabilities. As businesses continue to heavily rely on their applications for success, this growing threat is a mounting concern.

Key Points: 
  • "Using remediation tools that can assess and prioritize the vulnerabilities that can most heavily impact systems is an important element to managing security debt.
  • While companies remediate thousands of vulnerabilities each month, it takes modern remediation best practices to handle the ongoing wave of new vulnerabilities detected to prevent a growing backlog of vulnerabilities.
  • The increase in open-source vulnerabilities outstrips the estimated 25 percent growth in the amount of open source software available.
  • For more information, visit www.mend.io , the Mend blog , and Mend on LinkedIn and Twitter .

LineSlip Expands Team with Ming Zhang, Vice President of Customer Success

Retrieved on: 
Wednesday, July 27, 2022
University, Insurance, Intelligence, Industry, Amazon Web Services, CEO, DevOps, Business architecture, Virtusa, Risk, American studies, WhiteSource, Information science, CIRI, Solution, Software as a service, Program, Growth

NEW YORK,  July 27, 2022  /PRNewswire-PRWeb/ -- LineSlip, an award-winning SaaS provider that automatically converts commercial insurance documents into insurance intelligence, today announced that Ming Zhang has joined the team as vice president of customer success. Zhang will supervise overall customer success management from the onboarding process through renewal stages by driving strategic alignment with sales.

Key Points: 
  • NEW YORK, July 27, 2022 /PRNewswire-PRWeb/ -- LineSlip , an award-winning SaaS provider that automatically converts commercial insurance documents into insurance intelligence, today announced that Ming Zhang has joined the team as vice president of customer success.
  • Zhang will supervise overall customer success management from the onboarding process through renewal stages by driving strategic alignment with sales.
  • "We are very excited to welcome Ming into the LineSlip family," said Leo Bernstein, CEO of LineSlip.
  • I am looking forward to working in collaboration with this mission-driven team to maximize the individual customer experience in order to drive business success and growth."

GigaOm Radar Report Names Anodot as a Challenger and Fast Mover for FinOps Tools

Retrieved on: 
Thursday, July 7, 2022
Cloud, Radar's Report, ML, CEO, Radar, Growth, Amdocs, Forecasting, Software as a service, NICE, Technology, Organization, Entrepreneurship, AI, WhiteSource, Gigaom, Challenger, Standard Performance Evaluation Corporation, Risk management, Video game console, Anodot, Kubernetes, Fiverr

ASHBURN, Va., July 7, 2022 /PRNewswire/ -- Anodot, the business monitoring company, today announced that it has been named as a Challenger and Fast Mover in the 2022 GigaOm Radar for Evaluating Financial Operations (FinOps) Tools report. Anodot for Cloud Cost was ranked as exceptional in the key criteria categories of flexibility, scalability, AI to predict future spending, normalized billing across multiple cloud vendors, identification of cost optimization opportunities, and container and serverless computing.

Key Points: 
  • ASHBURN, Va., July 7, 2022 /PRNewswire/ -- Anodot , the business monitoring company, today announced that it has been named as a Challenger and Fast Mover in the 2022 GigaOm Radar for Evaluating Financial Operations (FinOps) Tools report.
  • The GigaOm Radar Report outlines issues, trends, and purchase considerations for prospective customers.
  • The report also provides a forward-looking analysis that carefully plots the relative value and progression of the various FinOps solutions available on the market.
  • "The report highlights the need to make financial accountability a key part of organizations' response to uncontrolled cloud spending.

Eclypsium Expands its Leadership Team and Advisory Board to Support Accelerated Growth

Retrieved on: 
Thursday, June 16, 2022
Software, Technology, Internet, Security, Zero, Quanta, Cloud, American Institute of Certified Public Accountants, Privacy, AICPA, Type 2, McAfee, Host, QCT (Quanta Cloud Technology), Kaiser Permanente, Leadership, HP, Confidentiality, Public relations, Conference, WhiteSource, Paul, Solution, Software as a service, Technology, Compliance, CEO, Trend Micro, Jay Westerdal, Founder, Engineering, Certified Public Accountant, BNP Paribas, RSA Conference, Accenture, Certification, Nate, Central Waqf Council, System and Organization Controls, Local government, Visa, Intelligence, History, Microsoft, VP, Data management, American Institute, Organization, Risk, Fortune 1000, Fortune 500, DNS, CTO, Â, Research, Entrepreneurship, Ariella, TippingPoint, Joint Threat Research Intelligence Group, Risk management, Management, Firmware, Marketing, Checkmarx, BT Group

Eclypsium lets organizations verify the security of their enterprise hardware with all critical firmware.

Key Points: 
  • Eclypsium lets organizations verify the security of their enterprise hardware with all critical firmware.
  • Prior to joining Eclypsium, he held strategic sales and leadership positions with Checkmarx, Palo Alto Networks, McAfee, TippingPoint, and HP.
  • Eclypsium also announced the addition of Ramy Houssaini to its Strategic Advisory Board.
  • Im very excited to join Eclypsiums Strategic Advisory Board and help them on their journey to bring true Zero Trust to enterprise hardware.

WhiteSource Rebrands as Mend, Introduces Industry-First Automated Remediation with the Mend Application Security Platform

Retrieved on: 
Wednesday, May 25, 2022
Architecture, Software, WhiteSource, TEL, Environment, Solution architecture, Multimedia, SCA, Policy, View, Ruby, Time, Pressure, SAST, Blog, Renovation, Organization, Solution, JavaScript, LinkedIn, Twitter, Acquisition, Supply, CEO, Cryptocurrency, Online shopping, MEND

TEL AVIV, Israel AND BOSTON, May 25, 2022 /PRNewswire/ -- WhiteSource, a leader in application security, today announced the change of its name to Mend. The company is also launching the industry's first automated remediation for custom code security issues as well as integration of Mend Supply Chain Defender (formerly WhiteSource Diffend) in its JFrog Artifactory plugin, all within the Mend Application Security Platform. Mend secures all aspects of your software, providing automated remediation, prevention, and protection from problem to solution versus only detection and suggested fixes. 

Key Points: 
  • The company is also launching the industry's first automated remediation for custom code security issues as well as integration of Mend Supply Chain Defender (formerly WhiteSource Diffend) in its JFrog Artifactory plugin, all within the Mend Application Security Platform .Mend secures all aspects of your software, providing automated remediation, prevention, and protection from problem to solution versus only detection and suggested fixes.
  • The company's strategic acquisitions and its unique automated remediation technologies have enabled it to deliver the Mend Application Security Platform.
  • Combining automated remediation for static application security testing (SAST) with Mend's existing ability to do this for software composition analysis (SCA), the platform is the first to automatically find and fix application security holes involving both open source and custom code.
  • Offering automated remediation for both open source and custom code, providing exact fixes for each line of code, the Mend Application Security Platform enables any level of developer to easily write quality, secure code.

WhiteSource Launches Free Developer Tool to Detect and Remediate Spring4Shell Vulnerability

Retrieved on: 
Friday, April 1, 2022
Zero, Microsoft, Risk, Spring Framework, Organization, Library, GitHub, IBM, Multimedia, Philips, Environment, CEO, Comcast, View, Software, Industry, WhiteSource, Log4j, TEL, Attention, RCE, CLI, Java, Satellite navigation device, Risk management

TEL AVIV, Israel and BOSTON, April 1, 2022 /PRNewswire/ -- WhiteSource, a leader in application security, today launched WhiteSource Spring4Shell Detect, a free command-line interface (CLI) tool that quickly scans projects to find vulnerable open source libraries for CVE-2022-22965, also known as Spring4Shell. 

Key Points: 
  • TEL AVIV, Israeland BOSTON, April 1, 2022 /PRNewswire/ -- WhiteSource , a leader in application security, today launched WhiteSource Spring4Shell Detect , a free command-line interface (CLI) tool that quickly scans projects to find vulnerable open source libraries for CVE-2022-22965, also known as Spring4Shell.
  • WhiteSource's free developer tool, which is available now on GitHub , provides developers with the exact path to direct and indirect dependencies, along with the fixed version, for speedy remediation.
  • "Organizations and security teams must approach Spring4Shell with the same attention and urgency they did with the recent Log4j vulnerability," said Rami Sass, CEO, WhiteSource.
  • More information on the Spring4Shell vulnerability can be found on WhiteSource's blog: Spring4Shell Zero-Day Vulnerability: Information and Remediation for CVE-2022-22965
    WhiteSource helps organizations accelerate the development of secure software at scale.

Staircase.ai Welcomes Sivan Michaeli-Roimi as the New VP of Marketing

Retrieved on: 
Tuesday, February 22, 2022
Entrepreneurship, Software as a service, Head, Business, Outbound, Marketing, CS, Organization, Stairs, WhiteSource, Seed, Leadership, Technology, CEO, Public relations, Media

LOS ANGELES, Feb. 22, 2022 /PRNewswire/ -- Following their recent Seed Funding announcement, Relationship Intelligence Platform Staircase.ai has announced the appointment of Sivan Michaeli-Roimi as its new VP of Marketing.

Key Points: 
  • LOS ANGELES, Feb. 22, 2022 /PRNewswire/ -- Following their recent Seed Funding announcement, Relationship Intelligence Platform Staircase.ai has announced the appointment of Sivan Michaeli-Roimi as its new VP of Marketing.
  • With over 10 years of experience in the SaaS industry, Michaeli-Roimi brings a deep understanding of Global Marketing and Customer Value initiatives.
  • During her leadership roles at WhiteSource and Frontegg, Sivan led successful teams and exceptional growth.
  • Before joining Staircase.ai, Sivan served as Head of Marketing at Frontegg, and led the company's Marketing, Sales, branding and strategy.

WhiteSource Announces Remediation-Centric Entry into the SAST Market

Retrieved on: 
Tuesday, February 15, 2022
Philips, Atos, CTO, PRS, Ides, Noise, SEC, TEL, DevOps, SAST, WhiteSource, Organization, SCA, Microsoft, View, IBM, Software, Language, Multimedia, Comcast, Industry, Risk management, Instrumentation, Online shopping, Satellite navigation device

To accelerate the company's SAST vision, WhiteSource completed two acquisitions:

Key Points: 
  • To accelerate the company's SAST vision, WhiteSource completed two acquisitions:
    Xanitizer, a German-based company, has developed novel high-precision SAST detection technologies that are best known for their accuracy.
  • DefenseCode, a Croatian-based company with customers in Europe and North America, which provides next-generation enterprise-grade SAST capabilities including fast scanning and support for multiple languages.
  • "We are excited to join WhiteSource and the team from Xanitizer to deliver a next-generation SAST offering built from the ground up for DevOps."
  • The SAST market is ripe for disruption because most established SAST products were designed for an earlier era, when the typical software development life cycle stretched for months.

WhiteSource Threat Report Reveals Massive Uptick In Cyberattacks Related To JavaScript npm

Retrieved on: 
Wednesday, February 2, 2022
Security, Entrepreneurship, CEO, View, Documentation, Organization, WhiteSource, Research, Microsoft, IBM, Comcast, Philips, JavaScript, Industry, Multimedia, TEL, Medical device, Cryptocurrency, Online shopping, Risk management

The report, Popular Javascript Package Registry Is a Playground For Malicious Actors , is based on findings from more than 1,300 malicious npm packages identified in 2021 by WhiteSource Diffend, the company's flagship automated malware detection platform.

Key Points: 
  • The report, Popular Javascript Package Registry Is a Playground For Malicious Actors , is based on findings from more than 1,300 malicious npm packages identified in 2021 by WhiteSource Diffend, the company's flagship automated malware detection platform.
  • WhiteSource tracked an average of 32,000 new npm packages published every month during 2021.
  • Our newest threat report is designed to educate readers about npm and how threat actors are using it, in order to better protect developers, companies, and users against malicious behavior."
  • In addition to outlining what npm is and how it's being used by threat actors, the report identifies five must-know facts about npm package security, as well as best practices to thwart npm attacks.

WhiteSource Launches Azure Repository Integration

Retrieved on: 
Wednesday, January 26, 2022
Philips, View, UI, Industry, Bitbucket, GitLab, TEL, SCA, Scan, Comcast, Multimedia, Organization, Commitment to Development Index, Infrastructure as code, Adoption, IBM, Environment, WhiteSource, GitHub, Learning, Microsoft, Online shopping, Satellite navigation device, Risk management

TEL AVIV, Israel AND BOSTON, Jan. 26, 2022 /PRNewswire/ -- WhiteSource , a leader in open source security and management, today released an Azure DevOps repository integration , allowing Azure DevOps users to detect all open source components and automatically enforce security policies directly from their repository.

Key Points: 
  • TEL AVIV, Israel AND BOSTON, Jan. 26, 2022 /PRNewswire/ -- WhiteSource , a leader in open source security and management, today released an Azure DevOps repository integration , allowing Azure DevOps users to detect all open source components and automatically enforce security policies directly from their repository.
  • The WhiteSource for Azure Repos integration automatically scans open source code for security vulnerabilities or license violations on every merge request, before the code is merged.
  • In addition to WhiteSource's existing integrations with all major code repositories, including GitHub, GitHub Packages, JFrog, Bitbucket, and GitLab, the new WhiteSource for Azure Repos integration allows users to generate inventory, security, and compliance reports.
  • With the WhiteSource for Azure Repos cloud-based integration, users can:
    View automated remediation suggestions WhiteSource Enterprise automatically generates pull requests in the repository to update vulnerable open source components to the lowest non-vulnerable version.