WhiteSource Bolt Offered as Free Developer Tool
December 04, 2018

WhiteSource announced that WhiteSource Bolt, its open source security developer tool, is now available for free for all GitHub and Microsoft Azure DevOps users, helping developers work more securely with open source components in their native development environments.

First released in March of 2017 as a paid Microsoft Visual Studio extension, WhiteSource Bolt was designed to fit into a developer's natural ecosystem, allowing software development teams to close the gap that currently exists between code development and security teams.

Additionally, WhiteSource Bolt increases developers' ability to work more efficiently with open source components by alerting in real-time once a vulnerable component is added or a new vulnerability is released for an existing component.

"WhiteSource Bolt enables GitHub developers to build more secure products," said Kyle Daigle, Director of Ecosystem Engineering at GitHub. "By detecting vulnerable open source components as soon as they are added to a GitHub repository and providing remediation recommendations, Bolt simplifies the process of vulnerability management for developers."

WhiteSource Bolt supports over 200 programming languages and is powered by WhiteSource's comprehensive vulnerabilities database, which is continuously updated with intelligence sourced from the NVD, security advisories, and popular open source issue trackers. The developer tool is capable of providing coverage for both binaries and source libraries, and offers real-time security alerts for reported vulnerabilities with suggested remediation paths to help keep organizations a step ahead of the hackers.

Share this

Industry News

January 26, 2023

Ubuntu Pro, Canonical’s comprehensive subscription for secure open source and compliance, is now generally available.

January 26, 2023

Mirantis, freeing developers to create their most valuable code, today announced that it has acquired the Santa Clara, California-based Shipa to add automated application discovery, operations, security, and observability to the Lens Kubernetes Platform.

January 26, 2023

Section announced it is making it easier than ever to deploy and scale a Mastodon server; in just a few clicks, developers can use Section’s global platform to ensure a superior user experience at a fraction of the cost.

January 25, 2023

SmartBear has integrated the powerful contract testing capabilities of PactFlow with SwaggerHub.

January 25, 2023

Venafi introduced TLS Protect for Kubernetes.

January 25, 2023

Tricentis announced the general availability of Tricentis Test Automation, a cloud-based test automation solution that simplifies test creation, orchestration, and scalable test execution for easier collaboration among QA teams and their business stakeholders and faster, higher-quality, and more durable releases of web-based applications and business processes.

January 24, 2023

Harness announced the acquisition of Propelo.

January 23, 2023

Couchbase announced its Couchbase Capella Database-as-a-Service (DBaaS) offering on Azure.

January 23, 2023

Mendix and Software Improvement Group (SIG) have announced the release of Mendix Quality & Security Management (QSM), a new cybersecurity solution that provides continuous deep-dive insights into security and code quality to immediately address risks and vulnerabilities.

January 23, 2023

Trunk announces the public launch of CI Analytics.

January 23, 2023

Panaya announced a new Partnership Program in response to ongoing growth within its partner network over the past year.

January 23, 2023

Cloudian closed $60 million in new funding, bringing the company’s total funding to $233 million.

January 19, 2023

Progress announced the R1 2023 release of Progress Telerik and Progress Kendo UI.

January 19, 2023

Wallarm announced the early release of the Wallarm API Leak Management solution, an enhanced API security technology designed to help organizations identify and remediate attacks exploiting leaked API keys and secrets, while providing on-going protection against hacks in the event of a leak.

January 19, 2023

ThreatModeler launched Threat Model Marketplace, a cybersecurity asset marketplace offering pre-built, field-tested threat models to be downloaded — free for a limited time — and incorporated into new and ongoing threat modeling initiatives.