Overall Satisfaction with Black Duck Suite
Black Duck provides our complete organization an easy way to manage our open source components used in our code repositories. It promisingly keeps track of the security vulnerabilities or license management, where I do not have to worry where to check for the vulnerabilities and open source components license issues which can be devastating. And with Black Duck, I now stay on top in managing my open source code. Black Duck orchestrates and allows us the visibility and control we need to manage and control open source components.
- Quick inventory scan: Black Duck helps us scan the code repositories in no time. And quickly list the components and I now really know what is in my code.
- Security and License risk management: Black Duck being rich in its knowledge base about the vulnerabilities and license issues of open source components, quickly compares the identified inventory to the Black Duck knowledge base and lists all the vulnerabilities and license issues in the code.
- Integration for automatic scanning: Black Duck is part of devops which provides us automatic scanning. Black Duck is not just for devops but also SecOps.
- Governance: I am expecting better governance of teams. I have various teams using the capacity. And I am quite unsure or have to spend more time in figuring out which team is using how much.
- Tenancy: Black Duck can come up with something called tenancy. Like team A, a separate hyperlink for them. A kind of a zone where the admins or users have complete view of team A.
- Increased time to market
- Dwells well with devops
- Significantly negates the speck of a chance of security risks in a software release
- Orchestrates the policies
- Vega
Black Duck is an obvious choice, with its versatility, integration, best enterprise support and on top of the list the knowledge base Black Duck has.
Vega or Grabber also scans the application and tells about vulnerabilities. But it can never be compared with the feature set of Black Duck. Black Duck can also generate reports.
Vega or Grabber also scans the application and tells about vulnerabilities. But it can never be compared with the feature set of Black Duck. Black Duck can also generate reports.
Black Duck Suite Support
Pros | Cons |
---|---|
Quick Resolution Good followup Knowledgeable team Problems get solved Kept well informed No escalation required Immediate help available Support understands my problem Support cares about my success Quick Initial Response | None |