"When we built our business case for bringing in Black Duck, our internal information security group was a co-sponsor of the effort. This group now has a significantly easier way to determine which artifacts and versions are affected by any security vulnerability and which applications are impacted as a result. This capability did not exist before, so this is huge."
“Black Duck SCA is still relatively new to us, and we received a lot of help from the Black Duck support team to address some deployment issues we ran into. I’m happy to say Black Duck is now working like clockwork.”
“Our customers are some of the most well-known companies in the technology industry, and their combined expectations, and the critical nature of the software that we provide for key management systems and hardware security modules, means that we must use every possible tool that is available to improve code quality, security, and stability.”
“We selected Black Duck because of its KnowledgeBase of open source software. The maintenance of that KnowledgeBase was more robust than other solutions considered.”
"Without clear visibility into present risks, the development of requirements wasn’t progressing."
“Even once we had an official policy in place, it was clear that we needed to bring all stakeholders on board with the importance of OSS license compliance in software development."
“It is very important to understand each team’s skills and take a down-to-earth approach. For example, sales and those who are not acquainted with software may not even understand what open source is, so it has to be explained. It is also very important not to just end up emphasizing risks, because that can discourage the use of OSS. While developer support is essential, if you can also involve marketing, sales, and call center agents in training activities, you can propel OSS governance.”
“A human only gets involved in the event of an exception. This saves a lot of time. For us, the main thing is to get out of development’s way. The old system really slowed down development, but with Black Duck, they don’t have to worry about filling out spreadsheets. Plus the legal team would have to get involved to vet each usage, and they don’t have to do this now. Changing a version doesn’t prompt all this work.”
"Seeker answered our integrations and automation needs. It provides training and knowledge to its users. Seeker is the perfect tool to help us improve our security practice to build excellent software."
"We engaged Black Duck audit services to do some open source scans of three codebases, to give us some confidence through the purchasing process of what exposures there might be from an open source risk perspective."
"SFR chose Seeker to help prevent code vulnerabilities of web applications and obtain real-time results for quick remediation."
“Essentially, from a technical standpoint, Black Duck met Entersekt’s checklist of what we needed in an open source vulnerability management solution better than any other vendor. The responsiveness and support from both its customer success and technical support teams also led us to make the business decision to select Black Duck.”
“We wanted a solution that could seamlessly integrate with our technology stack, was easy to use, and provided relevant feedback on mitigating any threats found in the open source used in our code and we wanted that to happen as early as possible in the development cycle.”
"Avira believes security is a right, not a privilege."
"We connected with Black Duck several months before our IPO because our investors, our board and our management team felt it was important – critical, in fact – to understand the health of our source code in terms of security, quality and licensing."
FeaturedCustomers has 1,822,618+ validated customer references
including reviews, case studies, success stories, customer stories,
testimonials and customer videos that will help you make better
software purchasing decisions.