Codota and WhiteSource Team Up to Reduce Open Source Security Risks

By CIOReview | Friday, July 19, 2019
Rami Sass, Co-Founder & CEO

Rami Sass, Co-Founder & CEO

Codota, a developer of top code AI- platform, and WhiteSource, an open-source security services provider, enter into a partnership with an aim to tackle security vulnerabilities in open source.

Fremont, CA: Now, ensuring open source security in their code would be an easy task for software experts, in view of the recent collaboration between Codota and WhiteSource.

WhiteSource and Codota have announced an alliance, through which a new IDE (Integrated Development Environment) would be created. The IDE plug-in will alert developers in real-time about any vulnerabilities in open source in the code. The IDE will also suggest possible and appropriate fixes within the IDE.

An IDE is a primary application which developers utilize for a variety of purposes, such as authoring, improving and debugging software. The current software industry has entrusted software developers with the responsibility of software compliance and security.

With more responsibilities, it has become imperative for software developers to quickly identify and tackle possible open source issues while coding. The WhiteSource-Codota plug-in makes the entire process easier for developers.

Many times, conventional or manual tracking has failed to be accurate and satisfying. Also, some of the open source vulnerabilities may go unnoticed in the coding stage and are only discovered later, either just before the release, or after deployment in some cases.

As in any technical process, timely identification of any risks is always preferred. Late discovery creates a tough situation where huge amounts of money, rigorous attempts to fix the identified issues or even significant delays are seen often.

“Today, 50-80 percent of a typical commercial software product consists of open source components, and open source usage is only rising. After all, why should organizations invest resources reinventing the wheel, when they can focus on developing new innovative technologies that put them ahead of their competition?” asks Rami Sass, Co-founder and CEO, WhiteSource. 

WhiteSource was featured in CIOReview as one of the Top 20 Most Promising Open Source Solution Providers 2016.

Now with the enhanced IDE plug-in, customers at WhiteSource would now be able to set up a plug-in for the popular IDE, IntelliJ in order to obtain alerts on any security risks while employing a component with an existing risk of vulnerability.