Overview

Get the insights you need, when you need them. The extension provides full visibility of your open source components, alerts on security vulnerabilities, and offers actionable remediation insights in real-time. WhiteSource Advise integrates seamlessly into your coding environment in a frictionless integration, without interrupting or delaying your workflow.

You will need a WhiteSource account to activate the extension. If you do not have one, you can request a free trial here.

Key Benefits

• Detect vulnerabilities while coding: early detection of security issues saves precious time and resources. You can now run security tests before committing your code, and speed-up your development process.
• Get detailed alerts: Each alert provides you with all of the information you need, within your Visual Studio Code UI, like the component name, CVE ID, CVSS Score, and more..
• Speed-up remediation: Alerts contain proactive remediation guidance to help developers fix the issues, like suggested fix, and mapping of the vulnerable dependency.
• Non-intrusive integration: WhiteSource Advise automatically checks the WhiteSource security database in the background for vulnerabilities reported for your projects and will mark vulnerable packages.

Getting started with WhiteSource Advise

After installing the extension, please check out our documentation for more details.