Black Duck Hub

Black Duck Hub

Complete open source management solution

4.2/5 (27 avaliações)

Resumo do Black Duck Hub

Black Duck Hub is an open source management software for web developers to discover, monitor and manage open source security vulnerabilities and license compliance. Black Duck Hub enables users to automate the process of securing open source software and managing security vulnerabilities and open source license compliance and operational risk with scanning, monitoring, alerting technology.

Preços

A partir de
N/A
Opções de preços
Avaliação gratuita
Assinatura
Relação qualidade/preço

Dispositivos

Porte da empresa

P
M
G

Mercados

Estados Unidos

Idiomas

Inglês

Black Duck Hub - Avaliações

Classificação geral
4.2/5
85% avaliações positivas
11
Excelente
12
Muito bom
3
Regular
1
Ruim
0
Péssimo
Rajiv A.
Traduzir com Google

The ease of identifying and managing the open source code vulnerabilities and license risks.

Usado Diariamente durante 6 a 12 meses
Avaliado em 29/08/2017
Fonte da avaliação: Capterra

Ease in identifying the security exposures and hidden vulnerabilities created by open source components.
Time to market is faster for identifying the vulnerabilities early during the development stage.
open source license management becomes so easy now.

Vantagens

The ease of identifying and managing the open source code and as well examining the source code for vulnerabilities and specifically the hidden security vulnerabilities is amazing. This is the product that every organization should look out to manage the source code for identifying quickly about vulnerabilities, open source code license management which can be lethal if ignored. Easily integrates with your current CI engines and sets the pace for your time to market. Ease in identifying the security exposures and hidden vulnerabilities created by open source components.
Time to market is faster for identifying the vulnerabilities early during the development stage.
open source license management becomes so easy now.
The product is really amazing already. Hub knowledge bases are huge and growing day by day.

Desvantagens

Improve in reporting, and better API experience. Black Duck is a duckling and is growing fast.Suggest black duck to update the KBs quickly.

Detalhamento da qualificação

Relação qualidade/preço
Praticidade
Suporte ao cliente

Probabilidade de recomendação

10.0/10
Marco I.
Traduzir com Google

Using Black Duck HUB for Open Source Governance in software projects.

Usado Diariamente durante 1 a 5 meses
Avaliado em 30/09/2017
Fonte da avaliação: Capterra

We are working in improving Open Source Culture in our Company and Customers: Black Duck HUB is a very good tool for awareness about legal, security and operational risks in using Open Source Components.

Vantagens

We are working in improving Open Source Culture in our Company and Customers: Black Duck HUB is a very good tool for awareness about legal, security and operational risks in using Open Source Components.
A very good thing is that it provide features for code scanning, independently from language and technology, also integrated with CI/CD tools like Jenkins.
The GUI is very easy to use and intuitive, the dashboard give a lot of information about Open Source Components in the project and you can take advantage of notification about new vulnerability.
In the latest versions Back Duck Hub is also improved in remediation suggestions about vulnerability.
Black Duck provide also good reports and you can customize it using restful API and direct access to a Report Database.
What is more it is really easy to install, we use the docker compose version: just install Docker, download images and run a command to set up the environment or upgrade to a new version!
Last but not least the technical support and customer care is really good.

Desvantagens

Black Duck HUB is a quite new product, despite it has very famous and consolidate ancestors like Protex. So some features can improve and better meet users needs, especially about reports and API. Also documentation can improve .

Detalhamento da qualificação

Relação qualidade/preço
Praticidade
Suporte ao cliente

Probabilidade de recomendação

10.0/10
Emmanuel C.
Traduzir com Google

Excellent open source governance tool!

Usado Diariamente durante 6 a 12 meses
Avaliado em 25/07/2017
Fonte da avaliação: Capterra

Vantagens

I love the speed and overall simplicity of the application. It does a good job of finding most open source packages and performs identification automatically. It is very useful to see where a component is being used across my organization, as well as see other factors beyond license risk like security and operational risk.

Desvantagens

The application is expensive due to the billing model that enforces a quota on amount of code scanned. This disincentivizes me to use the application when I would ordinarily want to scan as much of my code as possible due to its ease of use. It has fewer features when compared to Protex, but Black Duck is slowly resolving this.

Traduzir com Google

Resposta do Black Duck

Thank you for your feedback, we love hearing from our customers. You are correct ¿ Hub features are continually improved and we hope you are staying up to date and enjoying the new features. We have been working hard to close the gap on feature differences, and most will be available in Hub by end of the year. Additionally, Hub has many features not available in Protex, including showing security vulnerabilities. If you haven¿t already checked it out, check out one of our favorite new features in this video (https://www.youtube.com/watch?v=_4v2WwVQs1I) ¿ Hub Detect!

Detalhamento da qualificação

Relação qualidade/preço
Praticidade
Suporte ao cliente

Ramani S.
Traduzir com Google

So far my experience with BlackDuck is great. I have seen almost positive response pretty much

Usado Semanal durante Mais de um ano
Avaliado em 29/06/2017
Fonte da avaliação: Capterra

Vantagens

I like BD Hub when compare to Protex and CodeCenter. It's easy to handle and all in place rather than 2 legs at 2 different places. I have seen little issue with GUI provided along with Hub bit it's managable. The integration with Hub was easy along with Jenkins, Coverity, Jira and other tools. If properly integrated BD Hub along with Jenkins then the issue can be identified with Opertaional/Vulnerability/License much earlier than later. The Hub version of current one in-terms installation looks easy as one bundle instead of few different add-ons as prior. I had little issues while installation since of pre required suff with Linux lsb since it had multiple dependencies, otherwise it was easy to breeze through. Overall, my experience is good so far.

Desvantagens

I have only exposures to 3 BD softwares Protex, CodeCenter and Hub. Out of it, I like Protex as least one. Since it was NOT very much user friendly. It's my experience but could have been better.

Traduzir com Google

Resposta do Black Duck

Thank you for sharing your feedback. We agree with you - the integrations for Hub make identifying open source risks earlier in the SDLC much simpler. Please reach out to support if you have any questions.

Detalhamento da qualificação

Relação qualidade/preço
Praticidade
Suporte ao cliente

Franklin D.
Traduzir com Google

Pretty good at finding vulnerabilities; workflow to keep track of mitigations is hopeless

Usado Mensal durante Mais de dois anos
Avaliado em 28/07/2017
Fonte da avaliação: Capterra

We are able to anticipate the issues that our customers will find in our software when they scan it with Black Duck, before we ship to them. Thus, we can mitigate problems before they go out the door.

Vantagens

The new Hub product is very fast to scan software, and the UI is responsive and nice-looking. The Black Duck team is responsive to problems. They have made some of the improvements we've requested.

Desvantagens

There is no support for a workflow that keeps track of changes we make. There's no history of comments or changes. Updates made to one version of a project are not easily available to other versions, or to other projects that use the same components. It is frustrating to navigate -- often too many clicks to get to a related view, and then the scroll position is lost when you go back so you have to remember where you were, click to successive pages... clunky.

Traduzir com Google

Resposta do Black Duck

Thanks so much for your review ¿ we always value feedback and while we appreciate your complements, we also really appreciate your feedback on areas of improvement. As always, our product team values your insights to improve the experience and keep the bar high. Regarding change history and UI issues, we are working to continue improving this area, including visibility and ease of use in upcoming releases. Our latest 4.0 release made some changes to improve UI navigation (especially when navigating back to list screens) that should help ¿ please check it out and let us know your thoughts! Thanks again for your feedback.

Detalhamento da qualificação

Relação qualidade/preço
Praticidade
Suporte ao cliente

Probabilidade de recomendação

6.0/10

Preço do Black Duck Hub

A partir de
N/A
Opções de preços
Avaliação gratuita
Assinatura
Relação qualidade/preço

Contact Black Duck Hub for detailed pricing information.

Recursos do Black Duck Hub

  • API
  • Auditoria
  • Gestão de políticas
  • Integração de terceiros
  • Monitoramento

  • Alertas/transferência
  • Armazenamento de dados seguros
  • Autenticação
  • Autenticação de dois fatores
  • Controle do acesso
  • Gerenciamento de senhas
  • Gestão de conformidade
  • Gestão de permissões
  • Logon único
  • Monitoramento em tempo real
  • Notificações automáticas
  • Painel de atividades
  • Registro de auditoria
  • Relatórios e estatística
  • Segurança de SSL

Mais informações sobre Black Duck Hub

Principais recursos do Black Duck Hub

  • API
  • API availability
  • Activity monitoring
  • Activity tracking
  • Agile development
  • Application security
  • Approval process control
  • Asset tracking
  • Audit management
  • Automated scanning
  • Bills of material
  • Binary separation
  • Container security
  • Data mapping
  • Knowledge base
  • License management
  • Open source audits
  • Open source compliance
  • Open source security
  • PDF protection
  • Policy management
  • Progress tracking
  • Risk assessment
  • Third party integration
  • Tracking features
  • Trial license
  • Vulnerability analysis
  • Vulnerability data

Vantagens

  • Detect partial and modified components.
  • Identify and inventory open source software used in applications.
  • Map components to known vulnerabilities and license requirements.
  • Continuously monitor and alert for new open source vulnerabilities.
  • Assist teams in remediation with orchestration and policy enforcement.

  • Perguntas frequentes sobre o Black Duck Hub

    Abaixo estão algumas perguntas frequentes sobre o Black Duck Hub.

    P: Que tipo de planos o Black Duck Hub oferece?

    O Black Duck Hub oferece os seguintes planos de pagamento:

    Modelo de preços: Assinatura

    Avaliação gratuita: Disponível

    Contact Black Duck Hub for detailed pricing information.

    P: Quais são os principais recursos do Black Duck Hub?

    O Black Duck Hub oferece os seguintes recursos:

    • API
    • API availability
    • Activity monitoring
    • Activity tracking
    • Agile development
    • Application security
    • Approval process control
    • Asset tracking
    • Audit management
    • Automated scanning
    • Bills of material
    • Binary separation
    • Container security
    • Data mapping
    • Knowledge base
    • License management
    • Open source audits
    • Open source compliance
    • Open source security
    • PDF protection
    • Policy management
    • Progress tracking
    • Risk assessment
    • Third party integration
    • Tracking features
    • Trial license
    • Vulnerability analysis
    • Vulnerability data

    P: Quem costuma usar o Black Duck Hub?

    Os clientes habituais do Black Duck Hub são:

    Grandes empresas, Empresas de médio porte

    P: Em que idioma o Black Duck Hub está?

    O Black Duck Hub está nos seguintes idiomas:

    Inglês

    P: Que tipo de planos o Black Duck Hub oferece?

    O Black Duck Hub tem os seguintes planos de preços:

    Assinatura

    P: O Black Duck Hub é compatível com disponíveis móveis?

    Não temos informações sobre os dispositivos compatíveis com o Black Duck Hub.

    P: O Black Duck Hub se integra com quais outros aplicativos?

    O Black Duck Hub se integra com os seguintes aplicativos:

    Eclipse, Jira Service Desk, Microsoft Visual Studio Online, OpenShift

    P: Que nível de suporte o Black Duck Hub oferece?

    O Black Duck Hub oferece as seguintes opções de suporte:

    Base de conhecimento, Suporte online, Suporte por telefone