Skip to main content

Don’t Fly Blind

There’s a 98% chance your code base contains unreported and untracked open source. 
What’s hiding in your code?

Stay Secure

Thousands of new open source vulnerabilities are publicly disclosed each year. 
Which ones affect you?

Maintain Compliance

Open source license violations can result in costly litigation and lost intellectual property. 
What’s your exposure?

Organizations worldwide use Black Duck to secure and manage the open source software in their applications and containers.


Open Source Component Use


Known Security Vulnerabilities


License & Component Risks


Policy & Risk Management


On New
Security Threats

The Black Duck KnowledgeBase™

The constantly expanding, definitive source for information on open source projects, vulnerabilities, and licenses.

Learn More

  • Our information security group now has a significantly easier way to determine which artifacts and versions are affected by any security vulnerability and which applications are impacted as a result. This capability did not exist before, so this is huge.

    - Kostas Gaitanos , Senior Director of Development Services, FINRA
  • We connected with Black Duck several months before our IPO because our investors, our board and our management team felt it was important – critical, in fact – to understand the health of our source code in terms of security, quality and licensing.

    - Danielle Sheer, Vice President, General Counsel and Corporate Secretary, Carbonite
  • Black Duck stands in a class of its own. From a return on investment standpoint, given the breadth of information we receive from the system and the ease of use, versus our expenditure, we find it to be a great investment. Life for us would be very difficult without Black Duck.

    - Igor Lekht, Sr. Vice President AxiomSL
DDoS Attack on Dyn: IoT Vulnerabilities
Featured Blogs

DDoS Attack on Dyn: IoT Vulnerabilities

The attack on Dyn comes shortly after a pair of other massive DDoS attacks. Here's how DDoS attacks works, the impact of IoT devices, and the damage caused.

View Now
Open Source in Application Security

Open Source in Application Security

Open source code use continues to grow in application development, but security investment priorities don't match threats - check out the infographic.

View Now
Entersekt: Automating Open Source Vulnerability Management
Case Studies

Entersekt: Automating Open Source Vulnerability Management

Entersekt moved code validation earlier in the SDLC and automated their manual open source vulnerability management processes.

View Now