Skip to main content

Black Duck &
Red Hat

Securing Open Source at Enterprise Scale

Download the Data Sheet

Native Container Security for the Enterprise
with Red Hat and Black Duck

Build and deploy containers and applications securely and at scale.

You use containers to rapidly build, deploy, and scale applications. But as your container cluster grows, validating the contents and security of container images is painful. You need solutions that will scale with your container deployment. By integrating Black Duck with Red Hat’s enterprise container management products, you can automatically scan and monitor all of your container images to gain visibility into and control any security vulnerabilities or policy violations found in your open source code.


Black Duck &Red Hat OpenShift

Container Platform

Automatically scan and monitor all container images in OpenShift Container Platform to discover any open source security vulnerabilities in your OpenShift cluster.
Black Duck & RHEL Atomic Host

Atomic Host

Natively scan and monitor your Linux container images running on Red Hat Enterprise Linux Atom Host to assure secure deployment at enterprise scale.

Enterprise-Ready Container and Application Security


Image Discovery

Black Duck automatically discovers all images in OpenShift as they are created or updated and knows to scan anything that has changed in your cluster

Container Security

Black Duck performs deep container inspection on both operating system and application layers to identify open source security vulnerabilities at any stage

Manage Container
Life Cycles

Use annotations of vulnerability and policy information sent to OpenShift to gate the instantiation of containers in your cluster

Vulnerability Knowledge

Identify known vulnerabilities for the open source in your applications and containers; find out which ones already have patches available and get remediation guidance for those that don’t


Set policies for open source projects, license types, and vulnerability tolerance; quickly identify policy violations and manage exceptions by project and component


Black Duck will monitor your code and alert you on newly reported open source vulnerabilities associated with open source in use