WhiteSource is an all-in-one security, licensing, quality solution for managing open source components. It operates in real time, by automatically and continuously scanning dozens of open source repositories, and cross-referencing this data directly against the open source components identified in your build (your actual inventory). It automates the creation and enforcement of your company’s open source policies, and centralizes inter –departmental communications and approval processes. It keeps detailed inventories reports and provide real-time alerts so you can act fast. It’s compatible with pretty much all programming languages, CI servers, build tools and other development environments.
Versions for 8.9.0 and up are not supported
Checkmarx’s CxOSA is traditionally an optional add-on to your existing CxSAST solution that can be used to detect and manage security vulnerabilities not only in home grown code, but also open source libraries. Checkmarx now offers CxOSA-WS for customers that need security and open source management that also covers non-security features. CxOSA-WS includes CxOSA and WhiteSource side-by-side.
For more information about Checkmarx OSA (v8.9.0 and up) and is many features, please refer to the new Checkmarx OSA Documentation space. This documentation space is great for keeping up to date with any changes in technical documentation for Checkmarx OSA.