"The real game-changer for us in choosing Black Duck was how it allowed us to not only look into our code base and establish a clean bill of materials, including all OSS components, but also that it allowed us to encourage and support greater use of open source in current …

Black Duck has helped us understand our overall security status, and find and fill security holes."

"Having a tool that lets us look at our code and look at what issues could be introduced enables us to be a lot more informed and have a higher degree of confidence that when we release software we’re not introducing additional risks."

"When we built our business case for bringing in Black Duck, our internal information security group was a co-sponsor of the effort. This group now has a significantly easier way to determine which artifacts and versions are affected by any security vulnerability and which applications are impacted as a result. …

“A human only gets involved in the event of an exception. This saves a lot of time. For us, the main thing is to get out of development’s way. The old system really slowed down development, but with Black Duck, they don’t have to worry about filling out spreadsheets. Plus …

“We have over a hundred products, with each of those products themselves having hundreds to thousands of different open source components. A decade ago, we had little concept of identifying and understanding open source security vulnerabilities in our BOM. The move to Black Duck was to address our not knowing …

“All of our core products are using Code Center. About three years ago, we began to use Black Duck SCA when building the CI/CD process for our JDA Luminate product line, newly developed, SaaS-native products. Our goal is full migration to Black Duck SCA by the beginning of 2020.”

"We really want to push the envelope of security. Working with Synopsys helped us move closer to that goal."

“Black Duck SCA is still relatively new to us, and we received a lot of help from the Black Duck support team to address some deployment issues we ran into. I’m happy to say Black Duck is now working like clockwork.”

"Within six months of Black Duck onboarding, we were able to increase our PCI compliance from 40% to 100%."

“Identifying open source components and the different licensing types associated with the underlying source code was vital so that we could understand what risks and obligations potentially existed for us.”

“Security is a requisite in the FinTech space, Synopsys’ application validation program leverages Synopsys’ security testing technology and expertise to ensure that applications published on the FusionFabric.cloud platform are designed, developed, and deployed with the highest standards for security.”

“It was quickly established that Black Duck, as recommended by GENIVI, was indeed the best solution for the job.”

"ADP has successfully used Black Duck for audits for many years, but recently they outdid themselves. Due to internal issues, we called at noon one day asking for what we thought was the impossible, a next day delivery. Amazingly, Black Duck made it possible and had auditors work all night …

“We click one button to set up a CI plan, and it pulls in everything from Black Duck, Defensics, Coverity, and our other security analysis tools, and they automatically get plugged in and start generating reports and scans, and if a bug needs to be fixed, it gets into our …