Black Duck Reviews

Black Duck Description

Black Duck has been helping security, legal, and development teams around the world for over 15 years to manage the open source risks. Built on the Black Duck KnowledgeBase™--the most comprehensive database of open source component, vulnerability, and license information--Black Duck software composition analysis solutions and open source audits give you the insight you need to track the open source in your code, mitigate security and license compliance risks, and automatically enforce open source policies using your existing DevOps tools and processes. Black Duck offers a comprehensive software composition analysis (SCA), which helps you manage security, quality, and compliance risks that can be caused by third-party and open source code in containers and applications. Black Duck provides unparalleled visibility into third-party codes, allowing you to manage it throughout your software supply chain as well as the entire application life cycle.

Pricing

Free Trial:

Yes

Integrations

View Integrations

Reviews

Total

ease

features

design

support

No User Reviews. Be the first to provide a review:

Write a Review

Company Details

Company:

Synopsys

Year Founded:

1986

Headquarters:

United States

Website:

www.blackducksoftware.com

Media

Product Details

Platforms

SaaS

Windows

Type of Training

Documentation

Webinars

Customer Support

Phone Support

24/7 Live Support

Online

Black Duck Features and Options

Software Composition Analysis (SCA) Tool

IT Asset Management Software

Asset Tracking

Audit Management

Compliance Management

Configuration Management

Contract/License Management

Cost Tracking

Depreciation Management

IT Service Management

Inventory Management

Maintenance Management

Procurement Management

Requisition Management

Supplier Management

License Management Software

Automatic SKU Recognition

Central LM Server

Copy Protection

History Tracking

Node Management

Online Activation

Portable License

Sarbanes-Oxley Compliance

Timing Rights

Trial License

Black Duck Lists

DevSecOps

Compare Black Duck Against Alternatives

vs.

Mend.io

Mend.io (formerly WhiteSource), the leading solution for agile open-source security and license compliance management, integrates with DevOps pipeline in real time to detect vulnerable open-source libraries. It offers policy automation and remediation paths to speed up the time-to-fix. It...

Compare
vs.

Revenera SCA

Take control of your open-source software management. Your organization can manage open source software (OSS), and third-party components. FlexNet Code Insight assists development, legal, and security teams to reduce open-source security risk and ensure license compliance using an end-to-end...

Compare
vs.

Debricked

Debricked's tool allows for greater use of Open Source while minimizing the risks. This makes it possible to maintain a high development pace while remaining secure. The service uses state-of-the-art machine learning to ensure that data quality is excellent and can be instantly...

Compare
vs.

DerScanner

DerScanner combines static (SAST), dynamics (DAST) as well as software composition analysis (SCA), all in one interface. It allows you to check your own code and open-source code with one solution. Compare the results of SAST with DAST. Verify the vulnerabilities detected and eliminate them...

Compare
vs.

Insignary Clarity

Insignary Clarity, a specialized solution for software composition analysis, helps customers gain visibility into their binary code by identifying known security vulnerabilities and highlighting potential license compliance issues. It works at the binary-level using unique fingerprint-based...

Compare
vs.

FOSSA

Scalable, end to end management for third party code, license compliance and Open Source has been a critical supplier for modern software businesses. It has changed the way people think about code. FOSSA provides the infrastructure to enable modern teams to succeed with open source. FOSSA's...

Compare
vs.

MergeBase

MergeBase is changing the way software supply chain protection is done. It is a fully-featured, developer-oriented SCA platform that has the lowest number of false positives. It also offers complete DevOps coverage, from coding to building to deployment and run-time. MergeBase accurately detects...

Compare
vs.

FossID

Find all open source software hiding in your code with FossID. Deliver complete SBOM reports with confidence for greater license compliance and security without disrupting the productivity of your developers. FossID Workbench includes a language-agnostic scanner that assures you that all...

Compare

Similar Software

Revenera SCA

Take control of your open-source software management. Your organization can manage open source software (OSS), and third-party components. FlexNet Code Insight assists development, legal, and security teams to reduce open-source security risk and ensure license compliance using an end-to-end...

View Software
Finite State

Finite State offers risk management solutions for the software supply chain, which includes comprehensive software composition analysis (SCA) and software bill of materials (SBOMs) for the connected world. Through its end-to-end SBOM solutions, Finite State empowers Product Security teams to...

View Software
DeepSCA

DeepSCA is an online service that uses AI to analyze software composition. It's free and can be used for software risk assessment. It accepts a variety of inputs, including binary, APKs, JavaScripts, Pythons, Docker images, etc. and does not require source code.

View Software
Checkmarx

The Checkmarx Software Security Platform is a centralized platform for managing your software security solutions. This includes Static Application Security Testing, Interactive Application Security Testing and Software Composition Analysis. It also provides application security training and...

View Software
DerScanner

DerScanner combines static (SAST), dynamics (DAST) as well as software composition analysis (SCA), all in one interface. It allows you to check your own code and open-source code with one solution. Compare the results of SAST with DAST. Verify the vulnerabilities detected and eliminate them...

View Software