"Having a tool that lets us look at our code and look at what issues could be introduced enables us to be a lot more informed and have a higher degree of confidence that when we release software we’re not introducing additional risks."

"Avira believes security is a right, not a privilege."

“Even once we had an official policy in place, it was clear that we needed to bring all stakeholders on board with the importance of OSS license compliance in software development."

"What Black Duck does is put a light on open source code problems prior to release of a new version of our product. It’s helped us correct issues, plus ensure we don’t have similar issues in the future."

At day’s end, we have assurance that there’s no red flags or potential issues—that’s the value of Black Duck audits."

“Our customers are some of the most well-known companies in the technology industry, and their combined expectations, and the critical nature of the software that we provide for key management systems and hardware security modules, means that we must use every possible tool that is available to improve code quality, …

"We can get results from all the tools we use consolidated into one place, and get the results filtered down to only the information we need."

Black Duck has helped us understand our overall security status, and find and fill security holes."

“From being concerned that Coverity would slow development or flood us with false positives, we think of Coverity as if it were a member of the software team.”

“We would recommend Synopsys as a provider of a comprehensive set of holistic, complementary AppSec solutions, backed by a pool of sharp consultants who understand globally the industries they work with, as well as an organization’s unique processes. For a B2B global organization like MEGA, it’s a must.”

"When we built our business case for bringing in Black Duck, our internal information security group was a co-sponsor of the effort. This group now has a significantly easier way to determine which artifacts and versions are affected by any security vulnerability and which applications are impacted as a result. …

“A human only gets involved in the event of an exception. This saves a lot of time. For us, the main thing is to get out of development’s way. The old system really slowed down development, but with Black Duck, they don’t have to worry about filling out spreadsheets. Plus …

"Automating the search and selection of OSS with Black Duck gives us the tools we need to put customers at ease."

"Within six months of Black Duck onboarding, we were able to increase our PCI compliance from 40% to 100%."

“It was quickly established that Black Duck, as recommended by GENIVI, was indeed the best solution for the job.”