Sobre o Black Duck

Black Duck is an open source management software used by web developers and legal and security teams to discover, monitor, and manage open source vulnerabilities and license compliance. It uses a unique multi-factor detection technology to ensure security in code, binaries, and containers, and it allows the user to set open source security and use policies. Black Duck automatically scans for vulnerabilities and produces a comprehensive Bill of Materials to track identified risks. With Synopsys, your organization benefits from use of the Black Duck Knowledge Base, which contains over 4.5 million open source projects and 2,750 open source licenses, providing the most complete and comprehensive security coverage in the industry.

Preços a partir de:

N/A

  • Versão gratuita
  • Teste Grátis
  • Assinatura

5 principais alternativas ao Black Duck

Principais benefícios do Black Duck

  • Detect partial and modified components.
  • Identify and inventory open source software used in applications.
  • Map components to known vulnerabilities and license requirements.
  • Continuously monitor and alert for new open source vulnerabilities.
  • Assist teams in remediation with orchestration and policy enforcement.

  • Dispositivos

    Porte da empresa

    P M G

    Mercados

    Áustria, Austrália, Bélgica, Canadá, Suíça e outros 23, China, Alemanha, Dinamarca, Espanha, Finlândia, França, Reino Unido, Grécia, Irlanda, Israel, Índia, Islândia, Itália, Japão, Coreia do Sul, Países Baixos, Noruega, Polônia, Portugal, Suécia, Singapura, Taiwan, Estados Unidos

    Idiomas

    chinês, inglês, japonês

    Preços a partir de:

    N/A

    • Versão gratuita
    • Teste Grátis
    • Assinatura

    5 principais alternativas ao Black Duck

    Imagens

    Black Duck Software - 1
    Ver mais 2
    Black Duck - Vídeo
    Black Duck - Vídeo
    Black Duck Software - 1

    Recursos

    Total de recursos do Black Duck: 26

    • API
    • Acompanhamento de atividades
    • Alertas de riscos
    • Análise de dados de riscos
    • Auditoria de segurança
    • Avaliação de riscos
    • Criptografia de aplicativo
    • Gerenciamento de usuários
    • Gestão de auditorias
    • Gestão de conformidade
    • Gestão de políticas
    • Integrações de terceiros
    • Inventário de licenças
    • Monitoramento
    • Monitoramento de contêineres
    • Notificações em tempo real
    • Priorização
    • Proteção de vulnerabilidades
    • Rastreamento de conformidade
    • Rastreamento de edição
    • Rastreamento de licenças
    • Registro de auditoria
    • Relatórios e análise de dados
    • Relatórios e estatística
    • Scanner de vulnerabilidades
    • Segurança de aplicativos

    Alternativas

    Syxsense

    4,7
    #1 alternativa ao Black Duck
    Syxsense is an endpoint security software designed to help SecOps departments, managed service providers (MSPs), and IT...

    Liongard

    4,7
    #2 alternativa ao Black Duck
    Liongard offers unified visibility to MSPs, allowing businesses to continuously collect data from applications, cloud...

    Onspring

    4,8
    #3 alternativa ao Black Duck
    Onspring is a cloud-based, no-code software for reporting, analysis, process management and coordination. Our connected...

    LogPoint

    4,9
    #4 alternativa ao Black Duck
    LogPoint's SIEM platform helps businesses secure data from threats & respond to cyberattacks in compliance with...

    Avaliações

    Classificação geral

    4,2 /5
    (29)
    Relação qualidade/preço
    3,8/5
    Recursos
    4/5
    Praticidade
    3,7/5
    Suporte ao cliente
    4,1/5

    Já tem o Black Duck?

    Ajude os compradores de software! As avaliações de programas ajudam outras pessoas a tomarem melhores decisões.

    Escreva uma avaliação!
    Exibindo 5 avaliações de 29
    Sharique K.
    Classificação geral
    • Setor: Hospitais e Saúde
    • Porte da empresa: 5.001-10.000 funcionários
    • Usado Diariamente durante Mais de um ano
    • Fonte da avaliação

    Classificação geral

    • Relação qualidade/preço
    • Praticidade
    • Suporte ao cliente
    • Probabilidade de recomendação 9.0 /10

    Black Duck - The goto tool for Software Composition Analysis

    Avaliado em 11/08/2021

    Excellent experience starting from the concept phase, evaluation phase and then later the complete...

    Excellent experience starting from the concept phase, evaluation phase and then later the complete implementation. Its a great tool in the domain of security and a must have

    Vantagens

    An updated vulnerability list and ease of Maintainance and administration are the key features of the tool. Moreover, its a breeze to integrate with various CI/CD toolsets ensuring a great DevSecOps practice

    Desvantagens

    I guess in general DevSecOps is still a recent phenomenon and developers and engineers need to get themselves well acquainted with such security concepts

    Rajiv A.
    Classificação geral
    • Usado Diariamente durante 6 a 12 meses
    • Fonte da avaliação

    Classificação geral

    • Relação qualidade/preço
    • Praticidade
    • Suporte ao cliente
    • Probabilidade de recomendação 10.0 /10

    The ease of identifying and managing the open source code vulnerabilities and license risks.

    Avaliado em 29/08/2017

    Ease in identifying the security exposures and hidden vulnerabilities created by open source...

    Ease in identifying the security exposures and hidden vulnerabilities created by open source components.
    Time to market is faster for identifying the vulnerabilities early during the development stage.
    open source license management becomes so easy now.

    Vantagens

    The ease of identifying and managing the open source code and as well examining the source code for vulnerabilities and specifically the hidden security vulnerabilities is amazing. This is the product that every organization should look out to manage the source code for identifying quickly about vulnerabilities, open source code license management which can be lethal if ignored. Easily integrates with your current CI engines and sets the pace for your time to market. Ease in identifying the security exposures and hidden vulnerabilities created by open source components.
    Time to market is faster for identifying the vulnerabilities early during the development stage.
    open source license management becomes so easy now.
    The product is really amazing already. Hub knowledge bases are huge and growing day by day.

    Desvantagens

    Improve in reporting, and better API experience. Black Duck is a duckling and is growing fast.Suggest black duck to update the KBs quickly.

    Pete T.
    Classificação geral
    • Setor: Bancos
    • Porte da empresa: 1.001-5.000 funcionários
    • Usado Semanal durante 6 a 12 meses
    • Fonte da avaliação

    Classificação geral

    • Relação qualidade/preço
    • Praticidade
    • Suporte ao cliente
    • Probabilidade de recomendação 7.0 /10

    Great software which I believe in, but not a pain free experience.

    Avaliado em 26/07/2017

    Ability to detect open source vulnerabilities in our code.

    Ability to detect open source vulnerabilities in our code.

    Vantagens

    Ability to detect open source vulnerabilities in our code. Pre-sales contact & support was good (demo, trial etc). Clean interface. Performance improved in v4.0.0.

    Desvantagens

    Difficult installation process, made more complicated with the introduction of Docker in v4.0.0 & with introduction of mandatory SSL/TLS web server certificate which requires troubleshooting trust issues. Support team are reluctant to pick up the phone or enter into telephone support, with sporadic email communication being the favoured option. Some gaps in documentation. Why is there no pre-built Black Duck Hub virtual appliance that I can drop into VMware? No documentation for implementing with vSphere Integrated Containers (VIC), only documentation for Docker & Openshift. Reporting improvements still to be made.

    Resposta do Black Duck

    Thank you for providing feedback about your experience with Black Duck Hub. We¿re so sorry you are having issues ¿ and we¿d like to work together to fix that. We have escalated your case so that we can resolve it quickly.

    Our customer support team strives to provide support in the way that works best for you, so we noted in your account that you prefer to be reached via phone. A senior support representative will reach out to you via phone.

    Many of the issues you experienced during deployment were due to our old AppMgr architecture. The new Docker deployment is a more stable environment built to fix many of the issues you experienced. The Docker deployment can be harder to implement and run the first time; our senior support representative will be guiding you through this process. We will do better next time you have an issue; please escalate any issues you have to your Customer Success Manager.

    Marco I.
    Classificação geral
    • Setor: Software
    • Porte da empresa: 1.001-5.000 funcionários
    • Usado Diariamente durante 1 a 5 meses
    • Fonte da avaliação

    Classificação geral

    • Relação qualidade/preço
    • Praticidade
    • Suporte ao cliente
    • Probabilidade de recomendação 10.0 /10

    Using Black Duck HUB for Open Source Governance in software projects.

    Avaliado em 30/09/2017

    We are working in improving Open Source Culture in our Company and Customers: Black Duck HUB is a...

    We are working in improving Open Source Culture in our Company and Customers: Black Duck HUB is a very good tool for awareness about legal, security and operational risks in using Open Source Components.

    Vantagens

    We are working in improving Open Source Culture in our Company and Customers: Black Duck HUB is a very good tool for awareness about legal, security and operational risks in using Open Source Components.
    A very good thing is that it provide features for code scanning, independently from language and technology, also integrated with CI/CD tools like Jenkins.
    The GUI is very easy to use and intuitive, the dashboard give a lot of information about Open Source Components in the project and you can take advantage of notification about new vulnerability.
    In the latest versions Back Duck Hub is also improved in remediation suggestions about vulnerability.
    Black Duck provide also good reports and you can customize it using restful API and direct access to a Report Database.
    What is more it is really easy to install, we use the docker compose version: just install Docker, download images and run a command to set up the environment or upgrade to a new version!
    Last but not least the technical support and customer care is really good.

    Desvantagens

    Black Duck HUB is a quite new product, despite it has very famous and consolidate ancestors like Protex. So some features can improve and better meet users needs, especially about reports and API. Also documentation can improve .

    Ramani S.
    Classificação geral
    • Usado Semanal durante Mais de um ano
    • Fonte da avaliação

    Classificação geral

    • Relação qualidade/preço
    • Praticidade
    • Suporte ao cliente

    So far my experience with BlackDuck is great. I have seen almost positive response pretty much

    Avaliado em 29/06/2017

    Vantagens

    I like BD Hub when compare to Protex and CodeCenter. It's easy to handle and all in place rather than 2 legs at 2 different places. I have seen little issue with GUI provided along with Hub bit it's managable. The integration with Hub was easy along with Jenkins, Coverity, Jira and other tools. If properly integrated BD Hub along with Jenkins then the issue can be identified with Opertaional/Vulnerability/License much earlier than later. The Hub version of current one in-terms installation looks easy as one bundle instead of few different add-ons as prior. I had little issues while installation since of pre required suff with Linux lsb since it had multiple dependencies, otherwise it was easy to breeze through. Overall, my experience is good so far.

    Desvantagens

    I have only exposures to 3 BD softwares Protex, CodeCenter and Hub. Out of it, I like Protex as least one. Since it was NOT very much user friendly. It's my experience but could have been better.

    Resposta do Black Duck

    Thank you for sharing your feedback. We agree with you - the integrations for Hub make identifying open source risks earlier in the SDLC much simpler. Please reach out to support if you have any questions.

    Exibindo 5 avaliações de 29 Leia todas as avaliações

    Perguntas frequentes sobre o Black Duck

    Abaixo estão algumas perguntas frequentes sobre o Black Duck.

    O Black Duck oferece os seguintes planos de pagamento:

    • Teste Grátis: Não disponível

    Os clientes habituais do Black Duck são:

    2-10, 11-50, 51-200, 201-500, 501-1.000, 1.001+

    O Black Duck está nos seguintes idiomas:

    chinês, inglês, japonês

    O Black Duck é compatível com os seguintes dispositivos:

    O Black Duck se integra com os seguintes aplicativos:

    Cloud Foundry, Codeship, Docker, Eclipse, GitHub, GitLab, Google Cloud Platform, IntelliJ IDEA, Jenkins, Jira, Mercurial, Microsoft Azure, Microsoft Visual Studio, OpenShift, PhpStorm, PyCharm, Slack, Teamcity, ThreadFix, Travis CI, VMware Tanzu, WebStorm, ZeroNorth

    O Black Duck oferece as seguintes opções de suporte:

    Email/Help Desk, FAQs/Fórum, Base de conhecimento, Suporte por telefone, Assistência 24/7

    Categorias relacionadas

    Veja todas as categorias de software encontradas para Black Duck.