Gitlab hero border pattern left svg Gitlab hero border pattern right svg

GitLab Secure and Defend Integrations - WhiteSource

Overview

Here you will find all of the content relevant to this integration.

Why the integration?

We are excited that WhiteSource has leveraged GitLab’s open core software to build their integration with GitLab. Our open source approach enables GitLab customers to benefit from a vast community of partners and developers who contribute to GitLab’s capabilities. The WhiteSource open source vulnerability management integration further augments GitLab’s security capabilities across the entire DevOps lifecycle and provides GitLab customers the choice to leverage their existing tools.

Why WhiteSource?

WhiteSource customers asked WhiteSource to integrate with GitLab. WhiteSource leveraged our Core capabilities to begin the effort and have worked with GitLab to ensure that their integration optimizes customer value via GitLab Ultimate. They are the first and others are to follow.

Talking points
GitLab's open core software enables our customers and partners to contribute capabilities to our single application platform for the entire SDLC. Integration with features found only in the paid tiers, like the Security Dashboard, requires customers to purchase that tier.

Whitesource is the first security partner to integrate with GitLab's security dashboard, helping joint customers to see their software vulnerabilities early in the development process.

GitLab offers built in security scans, including static application security testing (SAST), dynamic application security testing (DAST), dependency, container and license compliance scanning early in development before the individual developer's code is merged with anyone else's. This workflow provides clear accountability and actionable insight empowering the developer to find and fix vulnerable code.

What type of integration - Technical, Inbound

Communications
WhiteSource will launch a press release on 14 January 2020 to accompany GitLab Commit SFO event.

How to implement
Documentation

Who to contact at GitLab

Content

Supporting issue

GIT is a trademark of Software Freedom Conservancy and our use of 'GitLab' is under license