Overview

Open source becomes more critical to the growth and success of global enterprises every day. Black Duck Software helps organizations get the most from open source, with solutions that preempt open source cyber attacks, ensure license compliance, and maximize developer productivity. Black Duck is headquartered in Burlington, MA, and has offices in San Jose, CA, Vancouver, London, Belfast, Northern Ireland, Frankfurt, Hong Kong, Tokyo, Seoul and Beijing.

For Customers

Organizations worldwide use Black Duck’s industry-leading products to automate the process of securing and managing open source software, eliminating the pain related to security vulnerabilities, compliance and operational risk. Mitigate security and compliance risks and automatically enforce open source policies using your existing development tools and processes.

For the Open Source Community

Black Duck community resources connect organizations to the world of open source, while helping open source developers connect with each other to find, utilize and contribute open source code.

  • The Black Duck Open Hub, the most comprehensive public directory of open source software, offers developers an in-depth look into individual open source projects for evaluating, tracking, and comparing over 550,000 projects. The Open Hub's project data is freely licensed under Creative Commons, enabling further analysis and tracking.
  • The Black Duck blog is a preeminent destination for open source industry experts to share news, trends and opinions about the adoption and enablement of open source.
  • Open Source Rookies of the Year is a Black Duck program recognizing the top open source projects initiated each year.
  • The Future of Open Source Survey is an annual gauge of key trends and the issues facing organizations in the open source community.

Products

Black Duck Hub: Black Duck Hub helps security and development teams identify and mitigate open source related risks across an application portfolio. Black Duck Hub continuously scans your projects for newly introduced open source, and helps you manage security vulnerabilities before they become problems. Updated regularly from the National Vulnerability Database (NVD) and using Black Duck’s exclusive Enhanced Vulnerability Detection capabilities to deliver more comprehensive and timely information, the Black Duck Hub KnowledgeBase™ maps open source libraries with critical metadata on vulnerabilities, licensing, community activity, and versions.

Black Duck Protex™: The industry’s leading solution for managing open source license compliance. Protex integrates with existing development tools to automatically scan, identify, and inventory open source software, allowing you to understand license obligations, conflicts and risks. This enables you to mitigate these risks by enforcing license compliance and corporate policy requirements.

Contracts

GSA Schedule Contracts

GSA Schedule 70

GSA Schedule 70 GSA Schedule No. GS-35F-0119Y Term: December 20, 2011- December 19, 2021


SEWP Contracts

SEWP V

Contract Number: Group A Small: NNG15SC03B Group D Other Than Small: NNG15SC27B Term: May 1, 2015 - April 30, 2020


State & Local Contracts

City of Seattle Contract

Contract #0000003265 Term: December 19, 2021

CMAS

Contract # CMAS 3-12-70-2247E Term: through September 30, 2017

eVA- Virginia's Total e-Procurement Solution

Vendor ID #: E51768

Fairfax County IT Hardware, Software, & Services

Virginia- Fairfax County CONTRACT EXPIRATION: October 4, 2020 (with 5 option years)

Ohio State Contract- 534354

Contract # 534354 Term: December 19, 2021

Orange County National IPA Co-Op

Through May 31, 2020 (with 2 option years)

VASCUPP

Contract Number: UVA1482501 Contract Term: May 2, 2014– December 19, 2021

VITA Contract

Term: through March 31, 2018


Resources

The Black Duck® KnowledgeBaseTM is the industry’s most comprehensive database of open source software and associated license and other information. It contains open source code from thousands of internet sites,from general-purpose repositories (e.g., github.com, Source-Forge.net, Savannah.gnu.org...

Open source software (OSS) is helping companies develop innovative products faster, cheaper, and more securely – but using OSS is only a piece of the logistical puzzle. Black Duck’s OSS Logistics solution helps companies deliver on the promise of open source by managing its flow throughout th...

Entersekt products secure millions of transactions each day by allowing financial institutions to communicate interactively with their customers through mobile devices. For its banking and other financial services customers, the security of the Entersekt product is of cardinal importance – as it i...

Docker containers are revolutionizing application packaging and distribution. They’re lightweight and easy to build, deploy, and manage. But what about security? Your containers include more than the applications your team builds. They also bundle all the third-party software and Linux modules tho...

ACCORDING TO SAP, more than 80 percent of all cyberattacks are happening on the application layer1, specifically targeting software applications rather than the network. Hackers take the easiest path when determining exploits and choose applications that offer the best attack surface opportunities. ...

Today, 85% of security attacks target software applications, according to SAP. Not surprisingly, there is an array of application security tools on the market to help companies address security risks, and they vary in both approach and coverage.

As Android continues to play a key role in the mobile world and beyond, organizations are realizing that they need to have a deeper understanding about what goes on inside Android. While Android is feature rich and free in terms of acquisition cost, it’s not a “free lunch.” Made of a comple...

Founded in 2003, ScienceLogic simplifies data center, cloud, system, and network monitoring with their all-in-one IT operations. Over 25,000 global service providers, enterprises, and government organizations rely on ScienceLogic every day to enhance their IT operations. With ScienceLogic’s platfo...

Founded in 2003, ScienceLogic simplifies data center, cloud, system, and network monitoring with their all-in-one IT operations. Over 25,000 global service providers, enterprises, and government organizations rely on ScienceLogic every day to enhance their IT operations. With ScienceLogic’s platfo...

Today’s security professionals understand that their organizations’ use of open source software (OSS) has the ongoing potential to introduce security vulnerabilities into their applications. Some sources of OSS are more reliable than others, and determining exactly where code originated ca...