メインコンテンツに移動

DevOps Integrations

Automate Open Source Management
In Your Development Environment

Agile development relies on automated development and testing to speed time to market and improve product quality. Black Duck helps you ensure your applications are free of open source vulnerabilities and comply with open source license and use policies as part of your automated DevOps framework. With easy to use open source integrations for the most popular development tools, and REST API’s that allow you to build your own integrations for virtually any commercial or custom development environment, you can be agile, secure, and compliant.

Continuous Integration (CI) Tool Integrations

Hub CI integrations allow you to configure and automate scanning as part of your CI build process. Scan results are visible within both the Hub and CI user interfaces, and open source security, license, and use policies defined in Hub can be configured to show alerts within the CI tool or fail a build, allowing you to configure enforcement based on project type and build phase.  

Black Duck Jenkins Integration

Jenkins

Download from Github

Black Duck TeamCity Integration

TeamCity

Download from Github

Black Duck Atlassian Bamboo Integration

Bamboo

Download from Github

Black Duck Microsoft Team Foundation Server Integration

TFS

Download from Github

Build Environment Integrations

With Hub build environment integrations you can augment open source discovery via Hub’s source and binary file scanning with dependency information obtained from the build environment itself. These plugins automate the collection and reporting of project dependencies to Hub, combining data from both sources into a highly complete and accurate open source bill of materials (BOM).   

Black Duck Maven Integration

Maven

Download from Github

Black Duck Gradle Integration

Gradle

Download from Github

Bug & Issue Tracking Integrations

Hub bug & issue tracking integrations allow you to generate, track, and manage issues (a.k.a. “tickets”) related to Hub policy violations and security alerts, natively in the systems you already use to manage your development and testing work.   

Black Duck Atlassian Jira Integration

Atlassian Jira

Download from Github

Binary Repository Integrations

Hub binary repository integrations help you ensure that the code artifacts your developers are using comply with open source use policies and are free from known vulnerabilities. These plugins scan artifacts already in the repository as well as those being added, preventing non-compliant artifacts from entering or propagating. In addition, Hub’s vulnerability & policy monitoring will alert you when new security risks or policies affect artifacts in the repository.  

Black Duck JFrog Artifactory Integration

JFrog Artifactory

Download from GitHub

Application Security Suite Integrations

Hub application security suite integrations give IBM AppScan, HPE Security Fortify SSC, or ThreadFix users a “single pane of glass” view of application vulnerabilities across both the custom code and open source components that make-up their applications. This integrated view open source vulnerabilities with static (SAST) testing results helps teams prioritize and track remediation efforts across the entire application codebase.  

IBM AppScan Integration

IBM AppScan

Learn More

HP Enterprise Security Fortify

HPE Fortify

Download from Github

Black Duck ThreadFix Integration

ThreadFix

Available from ThreadFix

Container Platform Integrations

Docker containers are revolutionizing the way applications are packaged and deployed. Containers make continuous integration & delivery (CI/CD) of applications easier for development teams, but they also make application security and compliance management more challenging for operations teams. Hub container platform integrations help you ensure that your containers are free of open source vulnerabilities and comply with open source policies before, during, and after deployment.  

Black Duck Red Hat Enterprise Linux Atomic Host Integration

RHEL Atomic Host

Download from Github

Black Duck Docker Integration

Docker

Built In!

Hub Application Programming Interfaces

In addition to the pre-built integrations, you can also develop your own, custom integrations with Black Duck Hub using Hub’s rich set of REST API’s, which support a wide range of configuration, automation, policy management, and alerting capabilities. Documentation and interactive examples are available from the Hub user interface.

Protex and Code Center Integrations

Want to integrate Protex and Code Center with the development tools you use? More information about Protex and Code Center integrations is available on the Protex product overview page.

Customize Them. They’re Open Source Integrations!

Most Black Duck integrations are provided as open source integrations under the Apache 2.0 open source license. Customize them to meet the specific needs of your environment or use them as a model to create new integrations with your own tools. Have a change that will benefit other users? Contribute your changes back to the community. More information and issue trackers for the current integrations as well as the latest integrations and versions are available on the Black Duck page on GitHub.