54 Black Duck Testimonials

Industry
Company Size
15 per page
  • 15
Reset
  • "The real game-changer for us in choosing Black Duck was how it allowed us to not only look into our code base and establish a clean bill of materials, including all OSS components, but also that it allowed us to encourage and support greater use of open source in current and future projects."

  • "We engaged Black Duck audit services to do some open source scans of three codebases, to give us some confidence through the purchasing process of what exposures there might be from an open source risk perspective."

  • "Black Duck has become a standard part of our due diligence when we buy a software company."

  • “It was quickly established that Black Duck, as recommended by GENIVI, was indeed the best solution for the job.”

  • “Project managers can set policies for any given project and open Hub to get a full report on open source in use.”

  • “We would recommend Synopsys as a provider of a comprehensive set of holistic, complementary AppSec solutions, backed by a pool of sharp consultants who understand globally the industries they work with, as well as an organization’s unique processes. For a B2B global organization like MEGA, it’s a must.”

  • "We can get results from all the tools we use consolidated into one place, and get the results filtered down to only the information we need."

  • “With Black Duck, monitoring of third-party vulnerabilities is a required Trend Micro policy in order to release a product. Our product teams must perform Black Duck scans regularly and address discovered vulnerabilities in compliance with corporate policy. Our policy requires that all high or critical vulnerabilities with a CVSS score of seven or higher must be fixed.”

  • “We commissioned Synopsys consultants to help us develop an application security test orchestration solution that looks at the significance of code changes our developers make and the risk profile of the application they’re working on. In essence, we wanted to build an automated traffic cop to direct our security activities. What we now call Intelligent Orchestration moves those activities in the right direction without causing traffic snarls.”

  • “With the Black Duck Suite we found the right solution to execute our open source governance policy by providing a scalable and transparent approval process.”

  • “With the continuously increasing importance of open source software globally and SAP’s strategy to utilize the benefits that come with open source software, it was necessary for us to scale our open source-related processes through further automation. We conducted an exhaustive search of applications on the market, and the Black Duck Suite was the best solution we tested. The Black Duck Suite will help us further automate and scale our open source processes in order to support our open source software strategy.”

  • "Coverity is a cornerstone in building secure C code as part of our security development lifecycle."

  • “We click one button to set up a CI plan, and it pulls in everything from Black Duck, Defensics, Coverity, and our other security analysis tools, and they automatically get plugged in and start generating reports and scans, and if a bug needs to be fixed, it gets into our bug management system right away.”

  • "Without clear visibility into present risks, the development of requirements wasn’t progressing."

  • “Black Duck confirmed our third-party software validation practices. Softegrity SpA, a Synopsys Software Integrity reseller partner, helped to support the relationship between Dextra Technology and Black Duck for this process. With Black Duck and Softegrity, we have partners that we can use to continue strengthening our internal toolchain so that we maintain a high standard of source quality, avoiding potential risks.”