WhiteSource Bolt

WhiteSource BoltProduct Overview

1. About WhiteSource Bolt
2. Pros of WhiteSource Bolt
3. Cons of WhiteSource Bolt
4. Breakdown of core features

WhiteSource Bolt product overview

WhiteSource Bolt is a free app developer tool designed to find and help fix open source vulnerabilities. it runs as an app on GitHub and as an extension on Azure DevOps and works by scanning all of your projects and detecting vulnerable open source components. It also provides actionable, validated remediation paths to enable quick resolution. There is support for over 200 programming languages and continuous tracking of multiple open source vulnerabilities databases including the NVD, security advisories, peer-reviewed vulnerability databases, and open source projects issue trackers.

Pros of WhiteSource Bolt

Back to top ↑

Open-source governance is fully automated once the plug-in is added. Once added to a continuous integration tool, both old and new dependencies are managed without the need for running manual checks.

Cons of WhiteSource Bolt

Back to top ↑

Some users report false positives. Because of this, developers may need to quickly review flagged vulnerabilities before running fixes.

Breakdown of core features

Back to top ↑

Supports All Languages

Supporting over 200 programming languages, covering all common package managers. It also works with the most common open source libraries like .Net and .Net core.

Continuous Security

Running WhiteSourece Bolt helps your developers identify and fix vulnerabilities in newly added components as well as in existing ones.

Simplified Remediation

WhiteSource Bolt provides actionable and verified suggested fixes for a quick remediation

(Last updated on 12/20/2019 by Marshall Bright)