46
114
+ 1
0

What is Black Duck?

It is a solution that helps development teams manage risks that come with the use of open source. It gives you complete visibility into open source management, combining sophisticated, multi-factor open source detection capabilities with the Black Duck KnowledgeBase.
Black Duck is a tool in the Security category of a tech stack.

Who uses Black Duck?

Companies
7 companies reportedly use Black Duck in their tech stacks, including DevOps, Labs, and immowelt GmbH.

Developers
37 developers on StackShare have stated that they use Black Duck.

Black Duck Integrations

Bitbucket, Travis CI, Gradle, Apache Maven, and Bamboo are some of the popular tools that integrate with Black Duck. Here's a list of all 9 tools that integrate with Black Duck.
Decisions about Black Duck

Here are some stack decisions, common use cases and reviews by companies and developers who chose Black Duck in their tech stack.

Needs advice
on
Black DuckBlack Duck
and
VeracodeVeracode

Hi Everyone, I am using Black Duck for my project...I need some advantages on Blackduck as compared to Veracode and other tools..... I don't have any idea about other tools, So I am not able to compare practically.. Please help me.

See more

Is it possible to integrate Black Duck, SonarQube and Coverity with Fortify SSC?

See more

Black Duck's Features

  • License management
  • PDF protection
  • Trial license
  • Binary separation
  • Asset tracking
  • Audit management
  • Open source security
  • Open source compliance.

Black Duck Alternatives & Comparisons

What are some alternatives to Black Duck?
SonarQube
SonarQube provides an overview of the overall health of your source code and even more importantly, it highlights issues found on new code. With a Quality Gate set on your project, you will simply fix the Leak and start mechanically improving.
Veracode
It seamlessly integrates application security into the software lifecycle, effectively eliminating vulnerabilities during the lowest-cost point in the development/deployment chain, and blocking threats while in production.
Checkmarx
It is a provider of state-of-the-art application security solution: static code analysis software, seamlessly integrated into development process.
ESLint
A pluggable and configurable linter tool for identifying and reporting on patterns in JavaScript. Maintain your code quality with ease.
OpenSSL
It is a robust, commercial-grade, and full-featured toolkit for the Transport Layer Security (TLS) and Secure Sockets Layer (SSL) protocols. It is also a general-purpose cryptography library.
See all alternatives

Black Duck's Followers
114 developers follow Black Duck to keep up with related blogs and decisions.