Black Duck Hub Provides Most Comprehensive and Earliest Alerts on New Open Source

Black Duck VulnDB has nearly 40 Percent more data than NVD, on average three weeks earlier, for broad coverage of open source vulnerabilities; adds new support for C, C++, and C# programming languages

Burlington, MA (August 04, 2015) - Black Duck Software, a global leader in providing solutions for securing and managing open source software, today announced the availability of the Black Duck Hub 2.2, including new, extended open source security vulnerability intelligence, providing vulnerability data beyond what is offered in the National Vulnerability Database (NVD).

VulnDB, a new vulnerability data source embedded in Black Duck’s Hub 2.2 product release, alerts customers to newly reported vulnerabilities on average three weeks sooner than NVD in 2015.

Reporting on 38 percent more vulnerabilities than NVD, VulnDB provides more comprehensive detail on each vulnerability, recommends use of the open source software version that is free of known vulnerabilities, and advises on remediation steps.  Customers can protect their applications from attackers by proactively identifying where known vulnerabilities exist in their open source code within days of a vulnerability being publicly reported.

“Finding open source vulnerabilities in our NFV orchestration software products manually is a burdensome process. Manual testing often yields incomplete lists requiring additional time and effort to secure software releases. With the Black Duck Hub and its VulnDB, our software team can quickly extrapolate vulnerability points and identify safe open source components. Overture can hold the line and release products quickly and securely with Black Duck Hub,” said Richard Jenny, Director, Engineering Program Management & DevOps at Overture Networks.  

With this release, the Black Duck Hub also adds new support for additional programming languages, now identifying known vulnerabilities for Java, C, C++, C#, RubyGems, Nuget, JavaScript, and Scala. Further, the Black Duck Hub continuously monitors for new vulnerabilities reported against open source software already in use.

Try the 14-day trial of the Black Duck Hub.

About Black Duck Software 
Organizations worldwide use Black Duck Software’s industry-leading products to secure and manage Open Source Software, eliminating the pain related to security vulnerabilities, compliance, and operational risk. Black Duck is headquartered in Burlington, MA and has offices in Mountain View, CA, London, Paris, Frankfurt, Hong Kong, Tokyo, Seoul, and Beijing. For more information, visit www.blackducksoftware.com.

Press Contact 
PAN Communications
Katelyn Campbell
617-502-4300
blackduck@pancomm.com

Black Duck
Brian Carter, Director Strategic Communications
bcarter@blackducksoftware.com