Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 11 Next »

NOTES:

  • This is a controlled WhiteSource Integration Release. Please contact your WhiteSource customer success manager for access to this feature.

  • If you have a dedicated ThreadFix or Fortify Agent installation with a version earlier than v18.20.x, migrate to the latest AVM Agent.

Overview

The WhiteSource Application Vulnerability Management (AVM) platform integration enables customers that are running AVM platforms such as, Fortify or ThreadFix, to extend the auditing results of Static Application Security Testing (SAST), and Dynamic Application Security Testing (DAST) of their applications, and complement these results with a comprehensive view of Software Composition Analysis (SCA) auditing results on one dashboard; thus, providing simplified and efficient 360 degree vulnerability management.

The integration provides customers with up-to-date information about vulnerabilities found in the open-source components used in their software, ensures better security monitoring throughout the software development lifecycle, and synchronizes auditing decisions concerning open-source components between WhiteSource and AVM platforms in a bidirectional manner. Filtering and aggregating comprehensive SAST, DAST, and SCA information in the AVM dashboard help to prioritize remediation, and ensure that critical vulnerabilities are handled first independent of the vulnerability’s source. In addition, a record with all the information about the vulnerability and its auditing status (including the CVE number, severity level and suggested fix) is issued for every vulnerability found in the utilized open-source components.

The following topics describe:

  • No labels

Copyright © 2024 Mend.io (White Source Ltd.) | All rights reserved.