Forges and Datasources

Black Duck's goal is to catalog literally every open source project available and, as such, we work with numerous hosting sites. The partners listed here are ones who actively support our automated data gathering efforts.


Launched in June 2006, CodePlex is Microsoft’s open source project hosting site. Built on Microsoft Visual Studio® 2008 Team Foundation Server, CodePlex hosts thousands of open source projects with support for source control, bug tracking, wiki pages, release management, forums, and project statistics. Additionally, CodePlex supports source control clients for Subversion and Teamprise. As of February, 2009, more than 230,000 software projects have been registered to use our services by more than 2 million registered users, making CodePlex the largest collection of open source tools and applications on the net.


The National Vulnerability Database (NVD) is the U.S. government repository of standards based vulnerability management data represented using the Security Content Automation Protocol (SCAP). This data enables automation of vulnerability management, security measurement, and compliance. NVD includes databases of security checklists, security related software flaws, misconfigurations, product names, and impact metrics.

Risk Based Security

Risk Based Security is an internationally recognized leader in vulnerability intelligence, data breach analytics, risk management services, and on-demand security solutions. RBS’ Cyber Risk Analytics and risk intelligence services assist organizations with collecting and analyzing the most current information in order to prioritize mitigation actions in the ever-increasing threat landscape. RBS has developed VulnDB, for comprehensive vulnerability intelligence and third party library monitoring and tracking which is the largest and most comprehensive vulnerability database available. The RBS team is comprised of industry veterans who founded and maintain the OSVDB project and is a member of the CVE Editorial Board and FIRST VRDX-SIG. RBS has been recognized as vulnerability experts for well over a decade and have been responsible for discovering vulnerabilities in high profile products from various vendors such as Microsoft, Adobe, Symantec, IBM, Apple, SAP, Google, Trend Micro, Novell and several others. 

SourceForge is the world's largest open source software development website. They provide free services that help people build cool stuff and share it with a global audience.