TrustRadius
Black Duck
4 Ratings
TRScore: 8.9 out of 10

Black Duck Reviews

Reviews (1-2 of 2)
Rajiv Aradhyula
December 12, 2017

Black Duck Review: "SecOps made easy!!!"

Score 10 out of 10
Black Duck provides our complete organization an easy way to manage our open source components used in our code repositories. It promisingly keeps track of the security vulnerabilities or license management, where I do not have to worry where to check for the vulnerabilities and open source components license issues which can be devastating. And with Black Duck, I now stay on top in managing my open source code. Black Duck orchestrates and allows us the visibility and control we need to manage and control open source components.
  • Quick inventory scan: Black Duck helps us scan the code repositories in no time. And quickly list the components and I now really know what is in my code.
  • Security and License risk management: Black Duck being rich in its knowledge base about the vulnerabilities and license issues of open source components, quickly compares the identified inventory to the Black Duck knowledge base and lists all the vulnerabilities and license issues in the code.
  • Integration for automatic scanning: Black Duck is part of devops which provides us automatic scanning. Black Duck is not just for devops but also SecOps.
  • Governance: I am expecting better governance of teams. I have various teams using the capacity. And I am quite unsure or have to spend more time in figuring out which team is using how much.
  • Tenancy: Black Duck can come up with something called tenancy. Like team A, a separate hyperlink for them. A kind of a zone where the admins or users have complete view of team A.
Well Suited:
1. Easily come out of pain to manage open source components. No worries, Black Duck is to the rescue, it takes care of your open source components in terms of license and security
2. SecOps eased with the super Black Duck

Less Suited:
I can't really come up with a scenario, where it can be less suited. Until you stop using open source components in your code. Which is quite impossible.
Emmanuel Canaan
December 05, 2017

Black Duck Review: "Great open source governance tool that protects our IP!"

Score 9 out of 10
Black Duck Hub is being used across our organization to enforce a robust open source software usage policy. It helps us ensure that we are protecting our intellectual property from open source license risk.
  • Black Duck Hub performs scans very quickly
  • Black Duck Hub is easy to use
  • Black Duck Hub has a robust set of integrations available for CI tools such as Jenkins and Bamboo
  • Black Duck has the most extensive open source KB in the industry
  • License model based on usage is costly.
  • Documentation is extensive, but often confusing.
  • Black Duck Hub could use some feature improvements for more robust governance capabilities
This tool is well-suited as part of a continuous integration cycle and offers very good information about license, security and operational risks.

About Black Duck

Black Duck Technical Details

Operating Systems: Unspecified
Mobile Application: No