"The real game-changer for us in choosing Black Duck was how it allowed us to not only look into our code base and establish a clean bill of materials, including all OSS components, but also that it allowed us to encourage and support greater use of open source in current and future projects."
“Black Duck SCA is still relatively new to us, and we received a lot of help from the Black Duck support team to address some deployment issues we ran into. I’m happy to say Black Duck is now working like clockwork.”
At day’s end, we have assurance that there’s no red flags or potential issues—that’s the value of Black Duck audits."
"Seeker answered our integrations and automation needs. It provides training and knowledge to its users. Seeker is the perfect tool to help us improve our security practice to build excellent software."
“We wanted to clearly demonstrate that our solutions have been rigorously tested to protect our customer’s products and applications.”
“We commissioned Synopsys consultants to help us develop an application security test orchestration solution that looks at the significance of code changes our developers make and the risk profile of the application they’re working on. In essence, we wanted to build an automated traffic cop to direct our security activities. What we now call Intelligent Orchestration moves those activities in the right direction without causing traffic snarls.”
“In 2014, when I came on board to manage the AppSec awareness and training program, we were looking at training for around 12,000 employees spread over 54 countries."
“We would recommend Synopsys as a provider of a comprehensive set of holistic, complementary AppSec solutions, backed by a pool of sharp consultants who understand globally the industries they work with, as well as an organization’s unique processes. For a B2B global organization like MEGA, it’s a must.”
“We click one button to set up a CI plan, and it pulls in everything from Black Duck, Defensics, Coverity, and our other security analysis tools, and they automatically get plugged in and start generating reports and scans, and if a bug needs to be fixed, it gets into our bug management system right away.”
"What Black Duck does is put a light on open source code problems prior to release of a new version of our product. It’s helped us correct issues, plus ensure we don’t have similar issues in the future."
"Avira believes security is a right, not a privilege."
We took the path of looking into tools to improve code quality and security as early as possible in the development lifecycle."
“Identifying open source components and the different licensing types associated with the underlying source code was vital so that we could understand what risks and obligations potentially existed for us.”
“With the Black Duck Suite we found the right solution to execute our open source governance policy by providing a scalable and transparent approval process.”
“With the continuously increasing importance of open source software globally and SAP’s strategy to utilize the benefits that come with open source software, it was necessary for us to scale our open source-related processes through further automation. We conducted an exhaustive search of applications on the market, and the Black Duck Suite was the best solution we tested. The Black Duck Suite will help us further automate and scale our open source processes in order to support our open source software strategy.”