"Black Duck stands in a class of its own. From a return on investment standpoint, given the breadth of information we receive from the system and the ease of use, versus our expenditure, we find it to be a great investment. Life for us would be very difficult without Black …

“The Black Duck Hub allows us to catch security vulnerabilities before our code goes out to clients.”

“It is very important to understand each team’s skills and take a down-to-earth approach. For example, sales and those who are not acquainted with software may not even understand what open source is, so it has to be explained. It is also very important not to just end up emphasizing …

“Identifying open source components and the different licensing types associated with the underlying source code was vital so that we could understand what risks and obligations potentially existed for us.”

"We connected with Black Duck several months before our IPO because our investors, our board and our management team felt it was important – critical, in fact – to understand the health of our source code in terms of security, quality and licensing."

"Having a tool that lets us look at our code and look at what issues could be introduced enables us to be a lot more informed and have a higher degree of confidence that when we release software we’re not introducing additional risks."

“Implementing Black Duck has given us a single tool to manage and mitigate vulnerabilities, allowing our development, operations, and security teams to see the status of our deployments, The product is easy and straightforward to use, and we’d recommend Black Duck to anyone looking into an SCA solution.”

“Black Duck confirmed our third-party software validation practices. Softegrity SpA, a Synopsys Software Integrity reseller partner, helped to support the relationship between Dextra Technology and Black Duck for this process. With Black Duck and Softegrity, we have partners that we can use to continue strengthening our internal toolchain so that …

“We have over a hundred products, with each of those products themselves having hundreds to thousands of different open source components. A decade ago, we had little concept of identifying and understanding open source security vulnerabilities in our BOM. The move to Black Duck was to address our not knowing …

“All of our core products are using Code Center. About three years ago, we began to use Black Duck SCA when building the CI/CD process for our JDA Luminate product line, newly developed, SaaS-native products. Our goal is full migration to Black Duck SCA by the beginning of 2020.”

“We selected Black Duck because of its KnowledgeBase of open source software. The maintenance of that KnowledgeBase was more robust than other solutions considered.”

Black Duck has helped us understand our overall security status, and find and fill security holes."

“Black Duck SCA is still relatively new to us, and we received a lot of help from the Black Duck support team to address some deployment issues we ran into. I’m happy to say Black Duck is now working like clockwork.”

"In light of this, OPPO strives to strengthen our technological capabilities in security and privacy protection, thus enhancing user experience. Through leveraging intelligence and interconnected scenarios, we are able to strengthen our competitiveness in security and gain users’ trust. This will also ensure that OPPO has sustainable developments. [That’s why] …

"Black Duck has become a standard part of our due diligence when we buy a software company."