Black Duck Software, the leading OSS Logistics solutions provider, today announced enhancements to its Black Duck Suite, which helps companies reap the benefits of open source software while actively managing associated logistical challenges, including licensing, operational, and security risks. In order to manage potential security risks associated with open source software, organizations need to identify and track the specific open source components in use and then map known security vulnerabilities to identify applications at risk. Black Duck has introduced new capabilities providing additional visibility into the remediation of identified issues.
New features in the Black Duck Suite add remediation tracking that helps organizations ensure open source security vulnerabilities are mitigated as planned. New vulnerability report filters help spotlight applications that are most vulnerable. Using the Black Duck software development kit (SDK), identified vulnerability information can be integrated with other internal systems. New security vulnerability rollup data from component level to application level increases visibility and understanding for users. Further, reminder emails with escalation options have been added, ensuring timely follow-up.
“With open source playing a key role in the majority of software developed today, maintaining detailed visibility into what open source is in use in today’s fast-paced development environment is critical,” said Bill Ledingham, executive vice president and CTO, Black Duck Software. “Staying on top of security vulnerabilities, licensing obligations, out-of-date versions, and community activity are all important dimensions to managing potential risks associated with open source use. Our new security capabilities provide additional visibility and tracking that ensures vulnerabilities are remediated. This helps companies stay in control and safely accelerate open source adoption.”
The Black Duck Suite helps companies realize the power of a comprehensive OSS Logistics solution – automating the management of open source code from its entry into the organization, throughout the development process, and across the supply chain. It provides organizations with continuous visibility into their codebase, allowing for integrated management of open source from choosing, approving, and scanning OSS code, to cataloging, securing, and delivering code they can be confident in.
For more information on the Black Duck Suite: https://www.blackducksoftware.com/products/black-duck-suite.