Case Study: Symphony Software Foundation achieves secure, compliant open-source development for financial institutions with Mend

Building the backbone of open source development for the financial industry

The Symphony Software Foundation is an independent nonprofit created by major financial firms to build an Open Developer Platform (ODP) and foster secure, collaborative open source development for the financial services industry. Its core challenge was convincing highly regulated, risk-averse institutions to adopt third-party open source components by proving those components were free of known vulnerabilities and compliant with license policies.

To solve this, the Foundation partnered with WhiteSource to automatically enforce security, license and quality policies in the CI/CD pipeline—blocking unsafe commits, failing builds when policies are violated, and letting project leaders control approvals. The integration preserved developer velocity while raising confidence across members, driving increased contributions and industry buy‑in and positioning the Foundation as a secure hub for faster, compliant innovation.

Symphony Software Foundation

Maurizio Pillitu

Foundation’s Director of DevOps