Open Source Code Scanning
Discover Open Source In Your Code Base
In today’s “copy and paste” world, development organizations are increasingly relying on software mashups and code reuse to create things faster, better, and cheaper. Therefore, it is more important than ever to know where code comes from, what's inside, and where it’s being used. These insights empower organizations to optimize the use of open source, ensure compliance, discover security vulnerabilities, identify bugs, and correct poor programming practices.
Black Duck offers a range of code scanning and code matching products and services that provide you with visibility into your code assets, help you discover what open source code is used within specific applications, direct you to the code origin, and code provenance, as well as assist you with license identification.
Black Duck Solutions
The Black Duck Hub helps security and development teams identify and remediate open source vulnerabilities across application portfolios. The Hub’s lightweight, open source scanning, tracking, and monitoring solution:
- Identifies open source throughout your code base
- Automatically maps known vulnerabilities to the open source you have in use
- Triages and tracks remediation
- Continuously monitors for newly identified vulnerabilities
As part of Black Duck's leading OSS Logistics solution, Black Duck® Protex™ helps manage open source compliance and integrates seamlessly with existing development tools to automatically scan, discover and identify software origins.
The Black Duck® KnowledgeBase™ is the industry’s most comprehensive database of open source project information and other downloadable software. Together with Protex, they provide the industry’s most sophisticated and accurate code scanning solution.