"When we built our business case for bringing in Black Duck, our internal information security group was a co-sponsor of the effort. This group now has a significantly easier way to determine which artifacts and versions are affected by any security vulnerability and which applications are impacted as a result. This capability did not exist before, so this is huge."
"Automating the search and selection of OSS with Black Duck gives us the tools we need to put customers at ease."
"We connected with Black Duck several months before our IPO because our investors, our board and our management team felt it was important – critical, in fact – to understand the health of our source code in terms of security, quality and licensing."
"SFR chose Seeker to help prevent code vulnerabilities of web applications and obtain real-time results for quick remediation."
"Avira believes security is a right, not a privilege."
“With Black Duck, monitoring of third-party vulnerabilities is a required Trend Micro policy in order to release a product. Our product teams must perform Black Duck scans regularly and address discovered vulnerabilities in compliance with corporate policy. Our policy requires that all high or critical vulnerabilities with a CVSS score of seven or higher must be fixed.”
“Black Duck SCA is still relatively new to us, and we received a lot of help from the Black Duck support team to address some deployment issues we ran into. I’m happy to say Black Duck is now working like clockwork.”
“In 2014, when I came on board to manage the AppSec awareness and training program, we were looking at training for around 12,000 employees spread over 54 countries."
"Black Duck has become a standard part of our due diligence when we buy a software company."
“With the Black Duck Suite we found the right solution to execute our open source governance policy by providing a scalable and transparent approval process.”
“With the continuously increasing importance of open source software globally and SAP’s strategy to utilize the benefits that come with open source software, it was necessary for us to scale our open source-related processes through further automation. We conducted an exhaustive search of applications on the market, and the Black Duck Suite was the best solution we tested. The Black Duck Suite will help us further automate and scale our open source processes in order to support our open source software strategy.”
"Coverity is a cornerstone in building secure C code as part of our security development lifecycle."
“We have over a hundred products, with each of those products themselves having hundreds to thousands of different open source components. A decade ago, we had little concept of identifying and understanding open source security vulnerabilities in our BOM. The move to Black Duck was to address our not knowing about open source security issues. We recognized that we needed a solution to ensure we were tracking and managing open source and commercial components as part of our overall software security initiative.”
“All of our core products are using Code Center. About three years ago, we began to use Black Duck SCA when building the CI/CD process for our JDA Luminate product line, newly developed, SaaS-native products. Our goal is full migration to Black Duck SCA by the beginning of 2020.”
"Black Duck stands in a class of its own. From a return on investment standpoint, given the breadth of information we receive from the system and the ease of use, versus our expenditure, we find it to be a great investment. Life for us would be very difficult without Black Duck."
FeaturedCustomers has 1,861,943+ validated customer references
including reviews, case studies, success stories, customer stories,
testimonials and customer videos that will help you make better
software purchasing decisions.