Black Duck Hub

Complete open source management solution

4,2 /5 (28 avaliações) Escreva uma avaliação!

Resumo do Black Duck Hub

O que é o Black Duck Hub?

Black Duck Hub is an open source management software for web developers to discover, monitor and manage open source security vulnerabilities and license compliance. Black Duck Hub enables users to automate the process of securing open source software and managing security vulnerabilities and open source license compliance and operational risk with scanning, monitoring, alerting technology.

Resumo do Black Duck Hub

Preços

A partir de
N/A

Opções de preços

Teste Grátis
Assinatura
Relação qualidade/preço

Contact Black Duck Hub for detailed pricing information.


Recursos do Black Duck Hub

Dispositivos
Porte da empresa
P M G
Mercados
Estados Unidos
Idiomas
Inglês

Mídias

View vulnerability data
Identify open source in code, binaries, and containers
Identify license and component quality risks
Set and enforce open source use and security policies
Black Duck Hub - Vídeo Captura de tela do Black Duck Hub: View vulnerability data Captura de tela do Black Duck Hub: Identify open source in code, binaries, and containers Captura de tela do Black Duck Hub: Identify license and component quality risks Captura de tela do Black Duck Hub: Set and enforce open source use and security policies

Black Duck Hub - Avaliações

Black Duck Hub - Avaliações

Classificação geral
4,2
/
5
Excelente
11

Muito bom
12

Regular
4

Ruim
1

Péssimo
0

Relação qualidade/preço
3,8
Recursos
4
Praticidade
3,7
Suporte ao cliente
4,1
82% dos usuários recomendam este app
Avaliador Verificado

Ease of Use and extensible integration availability


Traduzir com Google
Rajiv A.

The ease of identifying and managing the open source code vulnerabilities and license risks.

Ease in identifying the security exposures and hidden vulnerabilities created by open source components.
Time to market is faster for identifying the vulnerabilities early during the development stage.
open source license management becomes so easy now.


Traduzir com Google
Pete T.

Great software which I believe in, but not a pain free experience.

Ability to detect open source vulnerabilities in our code.


Traduzir com Google
Marco I.

Using Black Duck HUB for Open Source Governance in software projects.

We are working in improving Open Source Culture in our Company and Customers: Black Duck HUB is a very good tool for awareness about legal, security and operational risks in using Open Source Components.


Traduzir com Google
Emmanuel C.

Excellent open source governance tool!


Traduzir com Google
Avaliador Verificado
Setor: Serviços e tecnologia da informação
Porte da empresa: 2-10 funcionários
Traduzido para o Português
Traduzido para o Português

Ease of Use and extensible integration availability

Usado Outro durante Mais de um ano
Avaliado em 10/04/2018
Fonte da avaliação: GetApp

Vantagens

The integrations points are quite very wide and cater to whatever type of CI/ CDthat you may want to use, also, the IDE integrations are quite easy to deploy, thereby not locking you into a corner if your DevOps team are fixed on one particular type of technologies. Also, the accuracy and detection capability seems to be very solid

Desvantagens

not sure if there is something that i did not really like, maybe initially it did not have the code snippets, but that has been taken care of now ; giving the solution better capability and usage experience

Detalhamento da qualificação

Relação qualidade/preço
Praticidade
Suporte ao cliente

Probabilidade de recomendação: 10.0/10

Rajiv A.
Traduzido para o Português
Traduzido para o Português

The ease of identifying and managing the open source code vulnerabilities and license risks.

Usado Diariamente durante 6 a 12 meses
Avaliado em 29/08/2017
Fonte da avaliação: Capterra

Ease in identifying the security exposures and hidden vulnerabilities created by open source components.
Time to market is faster for identifying the vulnerabilities early during the development stage.
open source license management becomes so easy now.

Vantagens

The ease of identifying and managing the open source code and as well examining the source code for vulnerabilities and specifically the hidden security vulnerabilities is amazing. This is the product that every organization should look out to manage the source code for identifying quickly about vulnerabilities, open source code license management which can be lethal if ignored. Easily integrates with your current CI engines and sets the pace for your time to market. Ease in identifying the security exposures and hidden vulnerabilities created by open source components.
Time to market is faster for identifying the vulnerabilities early during the development stage.
open source license management becomes so easy now.
The product is really amazing already. Hub knowledge bases are huge and growing day by day.

Desvantagens

Improve in reporting, and better API experience. Black Duck is a duckling and is growing fast.Suggest black duck to update the KBs quickly.

Detalhamento da qualificação

Relação qualidade/preço
Praticidade
Suporte ao cliente

Probabilidade de recomendação: 10.0/10

Pete T.
Setor: Bancos
Porte da empresa: 1.001-5.000 funcionários
Traduzido para o Português
Traduzido para o Português

Great software which I believe in, but not a pain free experience.

Usado Semanal durante 6 a 12 meses
Avaliado em 26/07/2017
Fonte da avaliação: Capterra

Ability to detect open source vulnerabilities in our code.

Vantagens

Ability to detect open source vulnerabilities in our code. Pre-sales contact & support was good (demo, trial etc). Clean interface. Performance improved in v4.0.0.

Desvantagens

Difficult installation process, made more complicated with the introduction of Docker in v4.0.0 & with introduction of mandatory SSL/TLS web server certificate which requires troubleshooting trust issues. Support team are reluctant to pick up the phone or enter into telephone support, with sporadic email communication being the favoured option. Some gaps in documentation. Why is there no pre-built Black Duck Hub virtual appliance that I can drop into VMware? No documentation for implementing with vSphere Integrated Containers (VIC), only documentation for Docker & Openshift. Reporting improvements still to be made.

Traduzido para o Português

Resposta do Black Duck

Thank you for providing feedback about your experience with Black Duck Hub. We¿re so sorry you are having issues ¿ and we¿d like to work together to fix that. We have escalated your case so that we can resolve it quickly.

Our customer support team strives to provide support in the way that works best for you, so we noted in your account that you prefer to be reached via phone. A senior support representative will reach out to you via phone.

Many of the issues you experienced during deployment were due to our old AppMgr architecture. The new Docker deployment is a more stable environment built to fix many of the issues you experienced. The Docker deployment can be harder to implement and run the first time; our senior support representative will be guiding you through this process. We will do better next time you have an issue; please escalate any issues you have to your Customer Success Manager.

Detalhamento da qualificação

Relação qualidade/preço
Praticidade
Suporte ao cliente

Probabilidade de recomendação: 7.0/10

Marco I.
Setor: Software
Porte da empresa: 1.001-5.000 funcionários
Traduzido para o Português
Traduzido para o Português

Using Black Duck HUB for Open Source Governance in software projects.

Usado Diariamente durante 1 a 5 meses
Avaliado em 30/09/2017
Fonte da avaliação: Capterra

We are working in improving Open Source Culture in our Company and Customers: Black Duck HUB is a very good tool for awareness about legal, security and operational risks in using Open Source Components.

Vantagens

We are working in improving Open Source Culture in our Company and Customers: Black Duck HUB is a very good tool for awareness about legal, security and operational risks in using Open Source Components.
A very good thing is that it provide features for code scanning, independently from language and technology, also integrated with CI/CD tools like Jenkins.
The GUI is very easy to use and intuitive, the dashboard give a lot of information about Open Source Components in the project and you can take advantage of notification about new vulnerability.
In the latest versions Back Duck Hub is also improved in remediation suggestions about vulnerability.
Black Duck provide also good reports and you can customize it using restful API and direct access to a Report Database.
What is more it is really easy to install, we use the docker compose version: just install Docker, download images and run a command to set up the environment or upgrade to a new version!
Last but not least the technical support and customer care is really good.

Desvantagens

Black Duck HUB is a quite new product, despite it has very famous and consolidate ancestors like Protex. So some features can improve and better meet users needs, especially about reports and API. Also documentation can improve .

Detalhamento da qualificação

Relação qualidade/preço
Praticidade
Suporte ao cliente

Probabilidade de recomendação: 10.0/10

Emmanuel C.
Traduzido para o Português
Traduzido para o Português

Excellent open source governance tool!

Usado Diariamente durante 6 a 12 meses
Avaliado em 25/07/2017
Fonte da avaliação: Capterra

Vantagens

I love the speed and overall simplicity of the application. It does a good job of finding most open source packages and performs identification automatically. It is very useful to see where a component is being used across my organization, as well as see other factors beyond license risk like security and operational risk.

Desvantagens

The application is expensive due to the billing model that enforces a quota on amount of code scanned. This disincentivizes me to use the application when I would ordinarily want to scan as much of my code as possible due to its ease of use. It has fewer features when compared to Protex, but Black Duck is slowly resolving this.

Traduzido para o Português

Resposta do Black Duck

Thank you for your feedback, we love hearing from our customers. You are correct ¿ Hub features are continually improved and we hope you are staying up to date and enjoying the new features. We have been working hard to close the gap on feature differences, and most will be available in Hub by end of the year. Additionally, Hub has many features not available in Protex, including showing security vulnerabilities. If you haven¿t already checked it out, check out one of our favorite new features in this video (https://www.youtube.com/watch?v=_4v2WwVQs1I) ¿ Hub Detect!

Detalhamento da qualificação

Relação qualidade/preço
Praticidade
Suporte ao cliente

Recomendação do usuário
7,3/10
Baseado em 28 usuários
Compare as alternativas por recomendação dos usuários
Compare com alternativas

Preço do Black Duck Hub

Preço do Black Duck Hub

A partir de
N/A
Teste Grátis
Assinatura
Relação qualidade/preço

Contact Black Duck Hub for detailed pricing information.

Contact Black Duck Hub for detailed pricing information.

Relação qualidade/preço
3,8/5
Baseado em 28 usuários
Compare as alternativas por relação qualidade/preço
Compare com alternativas

Recursos do Black Duck Hub

Recursos do Black Duck Hub

API
Alertas de riscos
Alertas/transferência
Armazenamento de dados seguros
Auditoria
Autenticação
Autenticação de dois fatores
Controle do acesso
Gerenciamento de senhas
Gerenciamento de usuários
Gestão de conformidade
Gestão de políticas
Integração de terceiros
Logon único
Monitoramento
Monitoramento em tempo real
Painel de atividades
Relatórios e estatística
Scanner de vulnerabilidades
Segurança de SSL
Recursos
4/5
Baseado em 28 usuários
Compare as alternativas por avaliações dos recursos
Compare com alternativas

Categorias

Mais informações sobre Black Duck Hub

Mais informações sobre Black Duck Hub

Principais recursos do Black Duck Hub

  • API
  • API availability
  • Activity monitoring
  • Activity tracking
  • Agile development
  • Application security
  • Approval process control
  • Asset tracking
  • Audit management
  • Automated scanning
  • Bills of material
  • Binary separation
  • Container security
  • Data mapping
  • Knowledge base
  • License management
  • Open source audits
  • Open source compliance
  • Open source security
  • PDF protection
  • Policy management
  • Progress tracking
  • Risk assessment
  • Third party integration
  • Tracking features
  • Trial license
  • Vulnerability analysis
  • Vulnerability data

Vantagens

  • Detect partial and modified components.
  • Identify and inventory open source software used in applications.
  • Map components to known vulnerabilities and license requirements.
  • Continuously monitor and alert for new open source vulnerabilities.
  • Assist teams in remediation with orchestration and policy enforcement.

  • Perguntas frequentes sobre o Black Duck Hub

    Perguntas frequentes sobre o Black Duck Hub

    Abaixo estão algumas perguntas frequentes sobre o Black Duck Hub.

    P: Que tipo de planos o Black Duck Hub oferece?

    O Black Duck Hub oferece os seguintes planos de pagamento:

    Modelo de preços: Assinatura

    Teste Grátis: Disponível

    Contact Black Duck Hub for detailed pricing information.

    P: Quais são os principais recursos do Black Duck Hub?

    O Black Duck Hub oferece os seguintes recursos:

    • API
    • API availability
    • Activity monitoring
    • Activity tracking
    • Agile development
    • Application security
    • Approval process control
    • Asset tracking
    • Audit management
    • Automated scanning
    • Bills of material
    • Binary separation
    • Container security
    • Data mapping
    • Knowledge base
    • License management
    • Open source audits
    • Open source compliance
    • Open source security
    • PDF protection
    • Policy management
    • Progress tracking
    • Risk assessment
    • Third party integration
    • Tracking features
    • Trial license
    • Vulnerability analysis
    • Vulnerability data

    P: Quem costuma usar o Black Duck Hub?

    Os clientes habituais do Black Duck Hub são:

    Grandes empresas, Empresas de médio porte

    P: Em que idioma o Black Duck Hub está?

    O Black Duck Hub está nos seguintes idiomas:

    Inglês

    P: Que tipo de planos o Black Duck Hub oferece?

    O Black Duck Hub tem os seguintes planos de preços:

    Assinatura

    P: O Black Duck Hub é compatível com disponíveis móveis?

    Não temos informações sobre os dispositivos compatíveis com o Black Duck Hub.

    P: O Black Duck Hub se integra com quais outros aplicativos?

    O Black Duck Hub se integra com os seguintes aplicativos:

    Eclipse, Jira Service Desk, Microsoft Visual Studio, OpenShift

    P: Que nível de suporte o Black Duck Hub oferece?

    O Black Duck Hub oferece as seguintes opções de suporte:

    Suporte por telefone, Suporte online, Base de conhecimento