Black Duck Hub
14-Day Trial

Black Duck Suite

Black Duck Suite

Automate Open Source Governance, Compliance,
and Security

Black Duck Suite - Open Source Governance Lifecycle

Need more visibility into and control over the open source software (OSS) in your organization?

An automated approach to open source governance and compliance that integrates across your application development lifecycle is critical.

The Black Duck® Suite, our end-to-end OSS Logistics solution, enables enterprises of every size to manage how they acquire, approve, scan, monitor, secure, inventory, and deliver software with open source components.

The Black Duck Suite automates open source governance and compliance, while continually monitoring for security vulnerabilities to enable organizations to speed innovative development, reduce costs, and ensure application security.






Black Duck Suite Features

Legal Compliance and Governance

  • Scan and match open source components in your software
  • Flag license risk and license conflicts
  • Discover and control unknown, outdated or unapproved components
  • Create customizable approval workflow to reinforce your organization's policies and procedures

Vulnerability Identification

  • Open source security vulnerability identification and monitoring
  • Remediation tracking with rollup data from component to application level
  • Vulnerability reports, dashboard risk profile and automated notifications highlight applications that are most vulnerable

Code Catalog And Search

  • Catalog for open source, commercial and internally-developed software that allows developers to easily find, track, and reuse approved code
  • Help developers find and choose components, tapping the Black Duck KnowledgeBase, as well as your internal catalog, with comprehensive component search capabilities


The Black Duck Suite provides seamless integration with your existing development ecosystem

  • Integrated Development Environments (IDEs)
  • Build and Continuous Integrations (CI) Tools
  • Reporting Systems
  • Binary Repository Management Systems
  • Issue tracking Systems

The Most Comprehensive Open Source KnowledgeBase

The Black Duck® KnowledgeBase™ is the industry’s most comprehensive database of open source project information. The Black Duck KB includes over ten years' worth of data, more than 1 million software projects from more than 8,500 sites, and detailed data for more than 2,400 unique licenses, including vulnerabilities, full license text and dozens of encoded attributes and obligations for each license. New open source project versions and meta data are continually added in to the KnowledgeBase.


Deep License Data™ goes beyond the top-level declared license of an open source project, providing up-front visibility into embedded licenses – those licenses that exist within projects and are not readily identifiable and often carried over when code from other projects are included.

  • Know exactly what license information exists in a component before it enters your code stream
  • Make more informed decisions during component selection and approval, reducing license-related issues or rework later in the software development lifecycle
  • Expand the potential pool of open source projects to choose from by offering visibility into projects with no declared license

Hear What Our Customers Have to Say

The Black Duck Suite provides a great management and governance platform. It enables us to do timely and comprehensive IP reviews of the code, and ship our products with confidence – and a trustworthy Bill of Materials.
Matt Foley
Director of Engineering Infrastructure
Black Duck Suite automates the process in such a way that we are able to gain all of the benefits of open source software while mitigating the risks.
Dr. Yunjae Jung
Principal Specialist
Samsung SDS
With the Black Duck Suite we found the right solution to execute our open source governance policy by providing a scalable and transparent approval process.
Janaka Bohr
Head of Global Licensing, Open Source

Start Streamlining Your Management of Open Source


Latest Tweets

Black Duck Software (1 hour ago)
Hope it's #secure #opensource: San Francisco prepares to open source its voting system software via @TheRegister
Black Duck Software (1 hour ago)
New Bill Aims to Stop State-Level Decryption Before It Starts | WIRED
Black Duck Software (16 hours ago)
Another one bans #flash. Bye bye, Flash! Google to Ban Flash-based Advertising #vulnerability
Black Duck Software (19 hours ago)
Wow. Windows 10 Sends Your Data 5500 Times Every Day Even After Tweaking Privacy Settings #privacy
Black Duck Software (19 hours ago)
RT @RF_Jenkins: Read Chatback #Security News ▸ today's top stories via @euroinfosec @CTGinc @black_duck_sw

Black Duck Software
800 District Ave.
Burlington, MA 01803

Contact Us

Legal Notices | Privacy Policy | Site map
Open Source Delivers | Open HUB