Black Duck Suite

Automate Open Source Governance, Compliance, and Security

 
We are very happy to see the multi-select feature for identifications in the Black Duck Suite. This new feature is making our daily work so much easier.
Siegfried Erb
Lead Build Team
InterComponentWare AG

Whether your organization is looking for more control and visibility of open source software (OSS) in your code base or wants to audit code from suppliers, the Black Duck® Suite helps maximize the benefits of open source while managing the associated legal, operational and security risks. The Suite automates open source governance and compliance, while continually monitoring for security vulnerabilities to enable organizations to speed development, reduce costs, and ensure application security. 

A comprehensive, automated, and logistical approach to OSS governance and compliance that integrates across the application development lifecycle is critical. The Suite automates key processes: code acquisition, approval, scanning, validation, cataloging, and monitoring. It is highly scalable and can support development teams of any size, whether co-located or geographically distributed, and can be deployed on premises or as software as a service (SaaS). 

Features

  • Automated governance, compliance, and security:
    • Customizable approval workflow to reinforce your organization’s policies and procedures
    • Code scanning and auditing to discover and control unknown or unapproved software
    • Open source security vulnerability identification and monitoring
    • Remediation tracking with rollup data from component to application level
    • Vulnerability report filters highlight applications that are most vulnerable
  • A catalog for open source, commercial and internally-developed software that allows developers to easily find, track, and reuse approved code
  • Comprehensive code search to help developers find and choose components, tapping the Black Duck® KnowledgeBase™ as well as a client’s internal catalog
  • A tool integration framework that is repository-neutral, including easy integration with issue tracking and build systems, software configuration management systems (CMS) and tools

Deep License Data™ goes beyond the top-level declared license of an open source project, providing up-front visibility into embedded licenses – those licenses that exist within projects and are not readily identifiable – which are often carried over when code from other projects is included. Deep License Data helps organizations:

  • Know exactly what license information exists in a component before it enters your code stream.
  • Make more informed decisions up-front during component selection and approval processes, reducing license-related issues or rework later in the SDLC.
  • Expand the potential pool of open source projects to choose from by offering visibility into projects with no declared license.

Black Duck Suite - Open Source Governance Lifecycle

To learn more about how the Black Duck Suite can help your organization maximize the power of open source through comprehensive OSS Logistics solutions, contact us at info@blackducksoftware.com

