Black Duck - Open Source Audits


Black Duck is a comprehensive solution for managing security, license compliance, and code quality risks from using open-source in development.

4 min read

Black Duck SCA Dashboard

What is Black Duck?

Black Duck is a complete open source management solution, which fully discovers all open sources in your code.


It can map components to known vulnerabilities, and identify license and component quality risks. You can use Black Duck to set and enforce open source policies and integrate open source management into your DevOps environment. Additionally, Black Duck monitors and alerts you when new threats are reported.


Black Duck helps security and development teams identify and mitigate open source related risks across application portfolios.


Black Duck:

  • Scans and identifies open source software throughout your code base.
  • Maps vulnerabilities to your open source software.
  • Triages vulnerability results and tracks remediation.
  • Monitors for newly disclosed vulnerabilities in your open source code.
  • Finds and fixes open source vulnerabilities in applications and containers.
Black Duck SCA Scan Result

On this page:

Leave a Reply

Your email address will not be published. Required fields are marked *