Denim Group’s ThreadFix Integrates with WhiteSource, Brings Comprehensive Management to Open Source Software Vulnerabilities

SAN ANTONIO–(BUSINESS WIRE)–Denim Group, the leading independent application security firm, today announced an integration with WhiteSource, the leader in open source security and license compliance management. This integration will allow WhiteSource customers to view and manage their open source security vulnerabilities from within ThreadFix, enabling them to improve security management with a comprehensive view of all of the software vulnerabilities in both their proprietary and open source code.

“Maintaining security within the development pipeline is vital for the DevSecOps community”

Tweet this

Open source code comprises the backbone of today’s software development ecosystem, with more than 90% of applications relying heavily on open source components1. However, this code can contain vulnerabilities and leave companies exposed if not detected and patched quickly. Software development teams require effective tools to detect and remediate vulnerabilities within their internally developed and externally sourced code throughout the development lifecycle.

“Maintaining security within the development pipeline is vital for the DevSecOps community,” said Dan Cornell, Denim Group CTO. “We are excited to announce our integration with WhiteSource as it is a direct response to market demand and commercially relevant products, and we are confident that it will provide current and future customers the resources necessary to manage code vulnerabilities and risk effectively.”

Through the integration with ThreadFix, WhiteSource customers will be able to consolidate their Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST) and Software Composition Analysis (SCA) results into one single unified view, streamlining their vulnerability management efforts. The simplified view and risk-based filtering will also allow security teams to more readily prioritize vulnerabilities based on severity, giving them the perspective they require to find and remediate the most serious vulnerabilities first.

“We are excited to move forward in our partnership with the Denim Group team, making it easier than ever for WhiteSource and ThreadFix customers to manage their open source security as a part of their software development management practices,” says WhiteSource’s VP of Product, David Habusha, adding that, “It’s important to us that WhiteSource customers can manage their open source vulnerabilities as seamlessly as possible.”

To learn more about how ThreadFix and WhiteSource can help make managing security more seamless, please visit the integration page here.

About Denim Group

Denim Group is the leading independent application security firm, serving as a trusted advisor to customers on matters of application risk and security. The company helps organizations assess and mitigate application security risk. Denim Group’s flagship ThreadFix platform accelerates the process of application vulnerability remediation, reflecting the company’s rich understanding of what it takes to fix application vulnerabilities faster.

About WhiteSource

WhiteSource is the leader in continuous open source security and license compliance management. Its vision is to empower businesses to develop better software by harnessing the power of open source. Industry leaders like Microsoft, IBM, and hundreds more trust WhiteSource to secure and manage the open source components in their software. For more information, please visit