Black Duck integrates Hub into Microsoft’s Visual Studio Team Services and Team Foundation Server to automate open source identification and detect security and compliance issues

Open source security leader joins Microsoft Visual Studio Program as Premier Level Partner

BURLINGTON, MA -  March 7, 2017 – Black Duck, the global leader in automated solutions for securing and managing open source, today announced it is integrating its Hub solution with Microsoft Visual Studio Team Services (TS) and Team Foundation Server (TFS).  Black Duck’s Visual Studio extensions will automatically detect the open source in use during the TFS and TS builds, identifying security vulnerabilities, components with license compliance issues and operational risks early in the software development lifecycle (SDLC).

“With open source making up between 80% and 90% of the code in today’s applications, effective security and management of the open source in use is essential,” said Black Duck CEO Lou Shipley. “Microsoft recognizes the importance of open source in application development and the many economic and productivity reasons for its rapidly expanding use. We’re pleased that Microsoft also sees the value in bringing Black Duck’s open source license and security compliance capabilities to the Microsoft Visual Studio continuous integration platform,” said Shipley.

Shipley also pointed out that “the continuing rapid growth in open source use worldwide, and the demand for more and more application development agility and speed, make strategic partnerships like this one with Microsoft more important than ever.” 

Organizations worldwide are striving to identify application issues earlier in the SDLC, and Black Duck Hub’s software composition analysis capabilities can be fully integrated during the build and release processes, allowing teams to produce better code, faster. With one in every 16 open source download requests for a component with a known vulnerability, organizations increasingly recognize the need for automated processes to identify and manage the open source they use.

Shawn Nandi, Senior Director, Cloud App Dev and Data Marketing for Microsoft, said, “We welcome Black Duck to the Visual Studio Partner Program and we are pleased that this integration with Visual Studio will bring our customers options to detect and manage potential security risks.”

Availability and Resources

  • Explore details on Black Duck Hub Visual Studio Team Services and Team Foundation Server Extensions here
  • Understand Software Composition Analysis by reading The Forrester Wave™: Software Composition Analysis, Q1 2017 here
  • Watch a video explaining how to get started with Black Duck Hub for Visual Studio here
  • Try Black Duck Hub 14-day Free Trial here

About Black Duck Software

Organizations worldwide use Black Duck’s industry-leading products to automate the process of securing and managing open source software, eliminating the pain related to security vulnerabilities, compliance and operational risk. Black Duck is headquartered in Burlington, MA, and has offices in San Jose, CA, Vancouver, London, Belfast, Northern Ireland, Frankfurt, Hong Kong, Tokyo, Seoul and Beijing. For more information, visit

Media Contacts

Black Duck
Brian Carter
Director of Strategic Communications

PAN Communications
Michael O’Connell and Lisa Sorrentino