Black Duck Hub and Fortify provide customers with comprehensive visibility and control of their application security risk profile by offering the ability to view the results of open source security testing along with application security scan results. This offers a more complete and effective way to manage your application security testing program.
Thousands of organizations worldwide use Black Duck Software products to automate the processes of securing and managing open source software, eliminating the pain related to security vulnerabilities, open source license compliance and operational risk. Black Duck Hubhelps software development and security teams identify, manage and mitigate open source security, license compliance and code quality risks across application and container portfolios.
Key benefits of the integration of Black Duck Hub and Fortify include:
- Identify and inventory all open source in use with the Black Duck® KnowledgeBase – the world’s most complete open source database with detailed information on more than 2 million open source projects and 90,000+ known open source vulnerabilities and growing
- Map identified open source to known security vulnerabilities and assist with remediation prioritization
- Monitor and alert on newly reported open source security vulnerabilities
Suggested for you are based on app category, product compatibility, popularity, rating and newness. Some apps may not show based on entitlements. Learn more about entitlements.
Added vulnerability recommendation field to recommend remediation action.
Updated parser to work with 17.x SSC's new plugin framework, added additional columns in CSV file to improve auditing in Fortify UI
Related content and resources
Please upgrade to one of the following broswers: Internet Explorer 11 (or greater) or the latest version of Chrome or Firefox