Sunday, April 12, 2015

Black Duck's new Black Duck Hub open source security solution

Black Duck's new Black Duck Hub open source security solution helps development teams check the security of open source in their code bases.

Black Duck Software, a provider of solutions for managing open source software, has announced Black Duck Hub, a new open source security solution that helps security and development teams find and remediate open source vulnerabilities.
The Black Duck Hub helps users identify open source components used within their code, identify known security vulnerabilities, and triage, schedule, and track remediation.
“Most companies do not have an automated mechanism to identify new open source as it enters a code base,” said Bill Ledingham, executive vice president and chief technology officer at Black Duck Software, in a statement. “Moreover, they are unable to determine the actual risk and impact from vulnerabilities. Without this knowledge, companies have no way to triage and track vulnerability remediation efforts over time. The Black Duck Hub helps security and development teams identify and mitigate open source related risks across an application portfolio. The product’s ability to automatically map industry-identified security vulnerabilities to assess risk, prioritize issues, and track remediation means Black Duck is uniquely positioned in the market to provide the most comprehensive language coverage and dev-tools integration with integrated remediation tracking and management.”
Black Duck said on average, more than 30 percent of software deployed in most enterprises is open source software (OSS). Yet, few organizations have visibility into what open source is used and where. With more than 4,000 new open source vulnerabilities reported each year, understanding what open source is used within an organization is critical, the company said.
Post a Comment

PyeongChang Guide - Interactive City Guide

PyeongChang  Guide - Interactive City Guide Author: R.G.Richardson All new edition with Facebook, Duckduckgo and Baidu Search. No typing, j...