“We commissioned Synopsys consultants to help us develop an application security test orchestration solution that looks at the significance of code changes our developers make and the risk profile of the application they’re working on. In essence, we wanted to build an automated traffic cop to direct our security activities. …

"Automating the search and selection of OSS with Black Duck gives us the tools we need to put customers at ease."

“It is very important to understand each team’s skills and take a down-to-earth approach. For example, sales and those who are not acquainted with software may not even understand what open source is, so it has to be explained. It is also very important not to just end up emphasizing …

“Project managers can set policies for any given project and open Hub to get a full report on open source in use.”

"We engaged Black Duck audit services to do some open source scans of three codebases, to give us some confidence through the purchasing process of what exposures there might be from an open source risk perspective."

"Seeker answered our integrations and automation needs. It provides training and knowledge to its users. Seeker is the perfect tool to help us improve our security practice to build excellent software."

"We can get results from all the tools we use consolidated into one place, and get the results filtered down to only the information we need."

"When we built our business case for bringing in Black Duck, our internal information security group was a co-sponsor of the effort. This group now has a significantly easier way to determine which artifacts and versions are affected by any security vulnerability and which applications are impacted as a result. …

“A human only gets involved in the event of an exception. This saves a lot of time. For us, the main thing is to get out of development’s way. The old system really slowed down development, but with Black Duck, they don’t have to worry about filling out spreadsheets. Plus …

"Black Duck security experts have been highly responsive and provide us with high-quality subject matter expertise that helps us remediate and mitigate vulnerabilities accurately and efficiently."

“With Synopsys Coverity and Black Duck solutions, we were able to achieve our safety and quality standard certifications.”

"Black Duck stands in a class of its own. From a return on investment standpoint, given the breadth of information we receive from the system and the ease of use, versus our expenditure, we find it to be a great investment. Life for us would be very difficult without Black …

"Without clear visibility into present risks, the development of requirements wasn’t progressing."

“Black Duck confirmed our third-party software validation practices. Softegrity SpA, a Synopsys Software Integrity reseller partner, helped to support the relationship between Dextra Technology and Black Duck for this process. With Black Duck and Softegrity, we have partners that we can use to continue strengthening our internal toolchain so that …

“With Black Duck, monitoring of third-party vulnerabilities is a required Trend Micro policy in order to release a product. Our product teams must perform Black Duck scans regularly and address discovered vulnerabilities in compliance with corporate policy. Our policy requires that all high or critical vulnerabilities with a CVSS score …