Don’t Fly Blind

There’s a 98% chance your code base contains unreported and untracked open source. 
What’s hiding in your code?

Stay Secure

Thousands of new open source vulnerabilities are publicly disclosed each year. 
Which ones affect you?

Maintain Compliance

Open source license violations can result in costly litigation and lost intellectual property. 
What’s your exposure?

Organizations worldwide use Black Duck to secure and manage the open source software in their applications and containers.

Inventory

Open Source Software

Map

Known Security Vulnerabilities

Identify

License & Quality Risks

Manage

Open Source Risk Policies

Alert

On New Security Threats

The Black Duck KnowledgeBase™

The constantly expanding, definitive source for information on open source projects, vulnerabilities, and licenses.

Learn More

  • Our information security group now has a significantly easier way to determine which artifacts and versions are affected by any security vulnerability and which applications are impacted as a result. This capability did not exist before, so this is huge.

    - Kostas Gaitanos , Senior Director of Development Services, FINRA

  • We connected with Black Duck several months before our IPO because our investors, our board and our management team felt it was important – critical, in fact – to understand the health of our source code in terms of security, quality and licensing.

    - Danielle Sheer, Vice President, General Counsel and Corporate Secretary, Carbonite

  • Black Duck stands in a class of its own. From a return on investment standpoint, given the breadth of information we receive from the system and the ease of use, versus our expenditure, we find it to be a great investment. Life for us would be very difficult without Black Duck.

    - Igor Lekht, Sr. Vice President AxiomSL
DDoS Attack on Dyn: IoT Vulnerabilities
Featured Blogs

DDoS Attack on Dyn: IoT Vulnerabilities

The attack on Dyn comes shortly after a pair of other massive DDoS attacks. Here's how DDoS attacks works, the impact of IoT devices, and the damage caused.

View Now
Open Source in Application Security
Infographics

Open Source in Application Security

Open source code use continues to grow in application development, but security investment priorities don't match threats - check out the infographic.

View Now
Entersekt: Automating Open Source Vulnerability Management
Case Studies

Entersekt: Automating Open Source Vulnerability Management

Entersekt moved code validation earlier in the SDLC and automated their manual open source vulnerability management processes.

View Now

Events

01.23.17
AppSec California
City: Santa Monica, CA
02.13.17
RSA Conference 2017
City: San Francisco, CA
02.21.17
Container World
City: Santa Clara, CA
See all Events

Webinars

01.19.17
Risk-Ranking Open Source Vulnerabilities
See all Webinars

Press Releases

11.14.16
Black Duck Receives M&A Advisor Award for Financial and Professional Services Product/Service of the Year
10.18.16
Black Duck Forms Open Source Security Research Group in Northern Ireland
09.08.16
Former Defense Intelligence Agency Head Michael T. Flynn to Deliver Keynote at Black Duck’s “Flight16” Cybersecurity-focused User Conference
See all Press Releases
Follow us online