Who Uses This Software?

Jenkins, SonarQube, Artifactory, Nexus, Eclipse, Maven, Rational Team Concert Integration, Team City, IntelliJ IDEA


Average Ratings

26 Reviews
  • 4 / 5
    Overall
  • 3.5 / 5
    Ease of Use
  • 4 / 5
    Customer Service

Product Details

  • Starting Price
    $5,000.00
  • Deployment
    Cloud, SaaS, Web
    Installed - Windows
  • Training
    Documentation
    Webinars
  • Support
    Online
    Business Hours
    24/7 (Live Rep)

Vendor Details

  • Black Duck
  • www.blackducksoftware.com
  • Founded 2002
  • United States

About Black Duck Hub

Organizations worldwide use Black Duck Softwares industry-leading products to secure and manage open source software, eliminating the pain related to security vulnerabilities, open source license compliance and operational risk. Black Duck is headquartered in Burlington, MA, and has offices in Mountain View, CA, London, Frankfurt, Hong Kong, Tokyo, Seoul and Beijing. For more information, visit www.blackducksoftware.com.


Black Duck Hub Features

  • Anti Spam
  • Anti Virus
  • Audit Trail
  • Compliance Management
  • Database Security Audit
  • File Access Control
  • Financial Data Protection
  • Maintenance Scheduling
  • Real Time Monitoring
  • Security Event Log
  • Virus Definition Update
  • Vulnerability Protection
  • Bandwidth Monitoring
  • Baseline Manager
  • Diagnostic Tools
  • Internet Usage Monitoring
  • IP Address Monitoring
  • Real Time Analytics
  • Resource Management
  • Server Monitoring
  • SLA Monitoring
  • Uptime Monitoring
  • Web Traffic Reporting
  • Anti Spam
  • Anti Virus
  • Email Attachment Protection
  • Event Tracking
  • Internet Usage Monitoring
  • Intrusion Detection System
  • IP Protection
  • Spyware Removal
  • Two-Factor Authentication
  • Vulnerability Scanning
  • Web Threat Management
  • Web Traffic Reporting

Black Duck Hub Reviews Recently Reviewed!

Black Duck does not provide integration with Eclipse (or other IDE)

Nov 08, 2017
3/5
Overall
1 / 5
Ease of Use
3 / 5
Features & Functionality
1 / 5
Customer Support
Likelihood to Recommend: 2.0/10 Not
Likely
Extremely
Likely

Pros: We have installed Black Duck hub and integrated with Bamboo. This is good for our pipeline workflow and subsequent analysis of findings.

Cons: Black Duck advertised Gradle support with an integration with Eclipse. The implementation only worked in a simple configuration of a Gradle project. Recently (11-8-2017) Black Duck informed us in a response not to the plugin for Eclispe. This is vital to our DevOps workflow where we want to enable developers to identify issues based on findings with Black Duck hub in their local Eclipse.

Using Black Duck HUB for Open Source Governance in software projects.

Sep 30, 2017
5/5
Overall
5 / 5
Ease of Use
4 / 5
Features & Functionality
5 / 5
Customer Support
5 / 5
Value for Money
Likelihood to Recommend: 10.0/10 Not
Likely
Extremely
Likely

Pros: We are working in improving Open Source Culture in our Company and Customers: Black Duck HUB is a very good tool for awareness about legal, security and operational risks in using Open Source Components.
A very good thing is that it provide features for code scanning, independently from language and technology, also integrated with CI/CD tools like Jenkins.
The GUI is very easy to use and intuitive, the dashboard give a lot of information about Open Source Components in the project and you can take advantage of notification about new vulnerability.
In the latest versions Back Duck Hub is also improved in remediation suggestions about vulnerability.
Black Duck provide also good reports and you can customize it using restful API and direct access to a Report Database.
What is more it is really easy to install, we use the docker compose version: just install Docker, download images and run a command to set up the environment or upgrade to a new version!
Last but not least the technical support and customer care is really good.

Cons: Black Duck HUB is a quite new product, despite it has very famous and consolidate ancestors like Protex. So some features can improve and better meet users needs, especially about reports and API. Also documentation can improve .

Overall: We are working in improving Open Source Culture in our Company and Customers: Black Duck HUB is a very good tool for awareness about legal, security and operational risks in using Open Source Components.

The ease of identifying and managing the open source code vulnerabilities and license risks.

Aug 29, 2017
5/5
Overall
5 / 5
Ease of Use
5 / 5
Features & Functionality
3 / 5
Customer Support
5 / 5
Value for Money
Likelihood to Recommend: 10.0/10 Not
Likely
Extremely
Likely

Pros: The ease of identifying and managing the open source code and as well examining the source code for vulnerabilities and specifically the hidden security vulnerabilities is amazing. This is the product that every organization should look out to manage the source code for identifying quickly about vulnerabilities, open source code license management which can be lethal if ignored. Easily integrates with your current CI engines and sets the pace for your time to market. Ease in identifying the security exposures and hidden vulnerabilities created by open source components.
Time to market is faster for identifying the vulnerabilities early during the development stage.
open source license management becomes so easy now.
The product is really amazing already. Hub knowledge bases are huge and growing day by day.

Cons: Improve in reporting, and better API experience. Black Duck is a duckling and is growing fast.Suggest black duck to update the KBs quickly.

Overall:
Ease in identifying the security exposures and hidden vulnerabilities created by open source components.
Time to market is faster for identifying the vulnerabilities early during the development stage.
open source license management becomes so easy now.

Easy to integrate with our Continuous Integration framework.

Aug 21, 2017
4/5
Overall
3 / 5
Ease of Use
4 / 5
Features & Functionality
5 / 5
Customer Support
4 / 5
Value for Money
Likelihood to Recommend: 8.0/10 Not
Likely
Extremely
Likely

Pros: It is easy to interface with other services such as ticketing systems and the like. It is easy to get additional information about identified vulnerabilities.

Cons: The third category, operational risks, is not really clear and customer support initially suggested to ignore them. I am still confused by how the rating is done although it could be valuable.

Open Software Software Governance

Aug 11, 2017
5/5
Overall
5 / 5
Ease of Use
5 / 5
Features & Functionality
5 / 5
Customer Support
5 / 5
Value for Money
Likelihood to Recommend: 10.0/10 Not
Likely
Extremely
Likely

Pros: Blackduck is the industry leader in Open Source Software governance. Black Duck enable us to not only look into our code base and establish a clean bill of materials, including all OSS components,

Cons: Blackduck software is stands in par with other open source software governance solutions. Obviously there some feature other comparable solutions does better than then Blackduck. Blackducks development team is accommodating for feature request enhancements.

Helps identify the open source software in use in our projects.

Aug 07, 2017
4/5
Overall
5 / 5
Ease of Use
4 / 5
Features & Functionality
4 / 5
Customer Support
4 / 5
Value for Money
Likelihood to Recommend: 8.0/10 Not
Likely
Extremely
Likely

Pros: Works well and is not overly complicated to maintain. Company is very responsive to any false findings the tool reports.

Cons: Some of the upgrades did not go smoothly. Some of the information that most IT departments require seems to be missing from the documentation. The group roles (ie Policy manager) would be nice to assign on a project by project basis as opposed to site wide.

Vendor Response

by Black Duck on August 28, 2017

We are glad you find our team responsive to your needs. Hopefully our new, container based architecture helps address the upgrade issues (if you haven¿t heard about it yet, check out the video here: https://www.youtube.com/watch?v=kvkqzFm4bgA&t=1s). We know that user and role management are important features and we continually enhance them based on customer feedback. We appreciate your feedback and will reach out to make sure we understand all the specifics to help guide future consideration.

implementation is very difficult

Aug 02, 2017
3/5
Overall
1 / 5
Ease of Use
3 / 5
Features & Functionality
5 / 5
Customer Support
2 / 5
Value for Money
Likelihood to Recommend: 5.0/10 Not
Likely
Extremely
Likely

Pros: fast turnaround and ability to dig into results at the file level. That's about it. Nothing more to say.

Cons: implementation is very difficult, and support for python appears to be based around libraries, not applications.

Vendor Response

by Black Duck on August 28, 2017

Thank you for your review. We have recently released a new deployment architecture with Hub 4.0 that should help alleviate some of that pain. Hub 4.1 includes improving python support with our brand new Hub Detect feature (check out the video here: https://www.youtube.com/watch?v=_4v2WwVQs1I). Our team will reach out to discuss your feedback and help answer any questions regarding the new features.

Technical Customer support is not good taking ages to resolve the issue

Aug 01, 2017
2/5
Overall
2 / 5
Ease of Use
3 / 5
Features & Functionality
1 / 5
Customer Support
1 / 5
Value for Money
Likelihood to Recommend: 2.0/10 Not
Likely
Extremely
Likely

Pros: After upgrade to HUB4.0 software response is quick but lot of Issues with Certificates issues. Manual scan do not work on Linux servers

Cons: Web Interface and easy to the scan tool Web GUI performance is better then old version. Docker Containerized technology

Vendor Response

by Black Duck on August 28, 2017

Thanks for bringing this to our attention. We strive to make installs and upgrades as smooth as possible for our customers but unfortunately we can¿t always plan for all scenarios. We value your feedback and our support team will be reaching out.

Great experience. API needs a little work

Jul 31, 2017
5/5
Overall
4 / 5
Ease of Use
3 / 5
Features & Functionality
5 / 5
Customer Support
5 / 5
Value for Money
Likelihood to Recommend: 8.0/10 Not
Likely
Extremely
Likely

Pros: I love the ability to see at a glance detailed dependency information. Also being able to follow the breadcrumbs to CVE reports.

Cons: The REST API is extremely hard to work with and needs to be more user friendly. I want to be able to just get an API token and use it to make calls. Instead I have to scrape the JSESSIONCOOKIE id and use that. It's a lot of work.

Overall: Lots of information readily available

Vendor Response

by Black Duck on August 28, 2017

Thanks for sharing your experience ¿ we are so glad that you are finding value in Black Duck. We appreciate the feedback on the Rest API, and a member of our product team will be reaching out to better understand your current implementation and help recommend a solution.

Super fast, neat and top notch solution for Software Composition Analysis

Jul 31, 2017
5/5
Overall
5 / 5
Ease of Use
4 / 5
Features & Functionality
4 / 5
Customer Support
5 / 5
Value for Money
Likelihood to Recommend: 10.0/10 Not
Likely
Extremely
Likely

Pros: The fact that it combines all three core areas of Open Source Security Management is a very deep advantage. whether the need is security or license risk management or operational risk concerns. Black Duck does it well and neat.
Also, the scan speed helps you quickly make a good case within the shortest possible time.
it can be delivered On premise, allowing the user company to keep their source code and not release their source code unlike some other solution.

Cons: the fact that the code base monitored. would have been nice if the solution could be project based pricing or perhaps priced as a function of the number of lines of code. Nonetheless, still a fantastic tool

Vendor Response

by Black Duck on August 09, 2017

Thank you for your feedback. We love hearing from our customers, and use this information to continuously improve our offering. Please contact support if you have any questions.

I couldn't find clear instructions on how to integrate scan with TFS builds.

Jul 31, 2017
4/5
Overall
2 / 5
Ease of Use
4 / 5
Features & Functionality
Likelihood to Recommend: 7.0/10 Not
Likely
Extremely
Likely

Pros: I like that identification of open source software is automatic for most part. Although after the first scan more than 800 open source component were not identified so I have to do it manually.

Cons: It's different links to change license and version. It would be nice to have one location to make all changes if needed.

Vendor Response

by Black Duck on August 09, 2017

Thanks for your feedback. Black Duck leverages multiple scanning techniques to get the most accurate number of matches for your codebase. We have launched Hub-Detect (https://www.github.com/blackducksoftware.com/hub-detect/), which is an umbrella implementation that leverages all our scanning techniques OTB! For your situation, you can invoke this implementation as a post-build step within your TFS job or alternatively, even run it from the command line. This ensures you have a single solution doing all your scans and ensuring you get complete results rolled up into your project. This implementation is available with your existing Hub license and can be downloaded from GitHub here (https://www.github.com/blackducksoftware.com/hub-detect/). As always, documentation for all our integrations will be on our public wiki space. Watch this space for the user guide at https://blackducksoftware.atlassian.net/wiki/spaces/INTDOCS/overview. Contact support if you need help.

just started using it

Jul 31, 2017
4/5
Overall
3 / 5
Ease of Use
4 / 5
Features & Functionality
5 / 5
Customer Support
4 / 5
Value for Money
Likelihood to Recommend: 7.0/10 Not
Likely
Extremely
Likely

Pros: right now we have it setup to automatically scan using bamboo as the scheduler, we also set it up to email users using the hub apis to get the "failures" out to let developers know where issues are

Cons: being able to setup the repositories for internal vs externally facing code without getting help to do this

Overall: list of open source licenses as well as where our code is using these to validate we are using them correctly

Vendor Response

by Black Duck on August 28, 2017

Thanks for your review ¿ we¿re glad that you are able to understand your code better. Someone from our product team will be reaching out to better understand additional requirements and to help you get these deployed appropriately.

It's tooling to scan code

Jul 30, 2017
4/5
Overall
2 / 5
Ease of Use
3 / 5
Features & Functionality
4 / 5
Customer Support
1 / 5
Value for Money
Likelihood to Recommend: 6.0/10 Not
Likely
Extremely
Likely

Pros: save time for checking open source software and hiligh on source code that same open source software

Cons: Price very expensive and it's not license that 's software fee. it have to pay year by year. In my job work on embeded system, our code size is very small (under 100 kB). But Blackduck protex sell in minimum 1GB that is one reasone for pricing high.

Overall: Save my time

Vendor Response

by Black Duck on August 09, 2017

Thank you for providing your feedback. We love hearing from our customers! We're glad that our tools are helping you save time. If you need help with integrations or upgrades, please contact our customer support team.

Pretty good at finding vulnerabilities; workflow to keep track of mitigations is hopeless

Jul 28, 2017
4/5
Overall
2 / 5
Ease of Use
3 / 5
Features & Functionality
3 / 5
Customer Support
3 / 5
Value for Money
Likelihood to Recommend: 6.0/10 Not
Likely
Extremely
Likely

Pros: The new Hub product is very fast to scan software, and the UI is responsive and nice-looking. The Black Duck team is responsive to problems. They have made some of the improvements we've requested.

Cons: There is no support for a workflow that keeps track of changes we make. There's no history of comments or changes. Updates made to one version of a project are not easily available to other versions, or to other projects that use the same components. It is frustrating to navigate -- often too many clicks to get to a related view, and then the scroll position is lost when you go back so you have to remember where you were, click to successive pages... clunky.

Overall: We are able to anticipate the issues that our customers will find in our software when they scan it with Black Duck, before we ship to them. Thus, we can mitigate problems before they go out the door.

Vendor Response

by Black Duck on August 07, 2017

Thanks so much for your review ¿ we always value feedback and while we appreciate your complements, we also really appreciate your feedback on areas of improvement. As always, our product team values your insights to improve the experience and keep the bar high. Regarding change history and UI issues, we are working to continue improving this area, including visibility and ease of use in upcoming releases. Our latest 4.0 release made some changes to improve UI navigation (especially when navigating back to list screens) that should help ¿ please check it out and let us know your thoughts! Thanks again for your feedback.

Great software which I believe in, but not a pain free experience.

Jul 26, 2017
3/5
Overall
3 / 5
Ease of Use
3 / 5
Features & Functionality
2 / 5
Customer Support
2 / 5
Value for Money
Likelihood to Recommend: 7.0/10 Not
Likely
Extremely
Likely

Pros: Ability to detect open source vulnerabilities in our code. Pre-sales contact & support was good (demo, trial etc). Clean interface. Performance improved in v4.0.0.

Cons: Difficult installation process, made more complicated with the introduction of Docker in v4.0.0 & with introduction of mandatory SSL/TLS web server certificate which requires troubleshooting trust issues. Support team are reluctant to pick up the phone or enter into telephone support, with sporadic email communication being the favoured option. Some gaps in documentation. Why is there no pre-built Black Duck Hub virtual appliance that I can drop into VMware? No documentation for implementing with vSphere Integrated Containers (VIC), only documentation for Docker & Openshift. Reporting improvements still to be made.

Overall: Ability to detect open source vulnerabilities in our code.

Vendor Response

by Black Duck on July 31, 2017

Thank you for providing feedback about your experience with Black Duck Hub. We¿re so sorry you are having issues ¿ and we¿d like to work together to fix that. We have escalated your case so that we can resolve it quickly. Our customer support team strives to provide support in the way that works best for you, so we noted in your account that you prefer to be reached via phone. A senior support representative will reach out to you via phone. Many of the issues you experienced during deployment were due to our old AppMgr architecture. The new Docker deployment is a more stable environment built to fix many of the issues you experienced. The Docker deployment can be harder to implement and run the first time; our senior support representative will be guiding you through this process. We will do better next time you have an issue; please escalate any issues you have to your Customer Success Manager.

This product is very powerful in analyzing, but still a lot of Manual work has to be done.

Jul 26, 2017
4/5
Overall
3 / 5
Ease of Use
5 / 5
Features & Functionality
4 / 5
Customer Support
4 / 5
Value for Money
Likelihood to Recommend: 7.0/10 Not
Likely
Extremely
Likely

Pros: the automations, the huge nowledge base and last but not least automatic reports. two different views, modern and classic. Easy seraching and comparing of source code.

Cons: the ease of use is unfortenatley complicated. In some cases it is unclear how to solve license conflicts for example. i would propose to make clearer what the detailed workflow steps for an analyze is.

Overall: abetter possibilty to assess open source software

Vendor Response

by Black Duck on August 28, 2017

Thank you for your feedback, we are excited that the automations, knowledge base and automatic reports are working for you. Our engineering team will be reaching out to better understand your ease of use issues, including any specific feedback on licensing and analysis workflow required.

Customer Support was quick & helpful. Most of the software already up there & less turnaround time

Jul 25, 2017
4/5
Overall
4 / 5
Ease of Use
4 / 5
Features & Functionality
5 / 5
Customer Support
4 / 5
Value for Money
Likelihood to Recommend: 8.0/10 Not
Likely
Extremely
Likely

Pros: Simple and easy to use, Responsive Customer support. Most of the softwares were already available. The new addition softwares takes less turnaround time for availability.

Cons: Don't see any as such. However would like to see latest softwares already added so that easy for the users.

Overall: Helped to verify the softwares for our product software developed in external environment by vendor.

Vendor Response

by Black Duck on August 09, 2017

Thank you so much for your feedback! We love hearing from our customers and are working to make our updates as easy as possible for you.

Excellent open source governance tool!

Jul 25, 2017
5/5
Overall
5 / 5
Ease of Use
4 / 5
Features & Functionality
5 / 5
Customer Support
3 / 5
Value for Money

Pros: I love the speed and overall simplicity of the application. It does a good job of finding most open source packages and performs identification automatically. It is very useful to see where a component is being used across my organization, as well as see other factors beyond license risk like security and operational risk.

Cons: The application is expensive due to the billing model that enforces a quota on amount of code scanned. This disincentivizes me to use the application when I would ordinarily want to scan as much of my code as possible due to its ease of use. It has fewer features when compared to Protex, but Black Duck is slowly resolving this.

Vendor Response

by Black Duck on August 28, 2017

Thank you for your feedback, we love hearing from our customers. You are correct ¿ Hub features are continually improved and we hope you are staying up to date and enjoying the new features. We have been working hard to close the gap on feature differences, and most will be available in Hub by end of the year. Additionally, Hub has many features not available in Protex, including showing security vulnerabilities. If you haven¿t already checked it out, check out one of our favorite new features in this video (https://www.youtube.com/watch?v=_4v2WwVQs1I) ¿ Hub Detect!

Could be better for .Net applications.

Jul 10, 2017
4/5
Overall
5 / 5
Ease of Use
4 / 5
Features & Functionality
5 / 5
Customer Support
3 / 5
Value for Money
Likelihood to Recommend: 5.0/10 Not
Likely
Extremely
Likely

Pros: Reports are very good. Operational risk, License report etc are all very helpful. Could use more information for .Net applications though.

Cons: KB isn't really that good for third party dlls etc for .Net applications.
If the Jsons we send out to customer support could be automated as well (by Jenkins plugin) that'd be helpful instead of manually running them.

Vendor Response

by Black Duck on August 28, 2017

We are glad that you find the reporting useful. Our recently released Hub Detect (in Hub 4.1) can generate Dry Runs, which should help with support processes. In addition, Hub Detect is also better at identifying Nuget packages. Documentation on how to set up Hub Detect can be found here: https://blackducksoftware.atlassian.net/wiki/spaces/INTDOCS/pages/49131875/Hub+Detect. We¿ll reach out to help answer any remaining questions you may have.

Stable Software to identify open source vulnerabilities

Jun 29, 2017
5/5
Overall
4 / 5
Ease of Use
5 / 5
Features & Functionality
5 / 5
Customer Support
3 / 5
Value for Money
Likelihood to Recommend: 7.0/10 Not
Likely
Extremely
Likely

Pros: It is very easy to use and integrate with the current continuous integration infrastructure. It is adding new features frequently to improve usability.

Cons: The result from scanning is not always that great. It should focus on improving findings. There are a lot of false alarms that should be corrected to update its database. It should support more languages in future.

Vendor Response

by Black Duck on August 28, 2017

Thank you for your review and we are glad you are enjoying the continued improvements. We are continuing to improve our language database and have recently released features in Hub 4.1 that should help improve scan results ¿ check out our new video blog that highlights these features here: https://www.youtube.com/watch?v=_4v2WwVQs1I. Your CSM will reach out to help you with your specific use cases.

So far my experience with BlackDuck is great. I have seen almost positive response pretty much

Jun 29, 2017
4/5
Overall
4 / 5
Ease of Use
4 / 5
Features & Functionality
3 / 5
Customer Support
3 / 5
Value for Money

Pros: I like BD Hub when compare to Protex and CodeCenter. It's easy to handle and all in place rather than 2 legs at 2 different places. I have seen little issue with GUI provided along with Hub bit it's managable. The integration with Hub was easy along with Jenkins, Coverity, Jira and other tools. If properly integrated BD Hub along with Jenkins then the issue can be identified with Opertaional/Vulnerability/License much earlier than later. The Hub version of current one in-terms installation looks easy as one bundle instead of few different add-ons as prior. I had little issues while installation since of pre required suff with Linux lsb since it had multiple dependencies, otherwise it was easy to breeze through. Overall, my experience is good so far.

Cons: I have only exposures to 3 BD softwares Protex, CodeCenter and Hub. Out of it, I like Protex as least one. Since it was NOT very much user friendly. It's my experience but could have been better.

Vendor Response

by Black Duck on August 09, 2017

Thank you for sharing your feedback. We agree with you - the integrations for Hub make identifying open source risks earlier in the SDLC much simpler. Please reach out to support if you have any questions.

It filled the needs of our team.

Jun 28, 2017
3/5
Overall
4 / 5
Ease of Use
4 / 5
Features & Functionality
5 / 5
Customer Support
5 / 5
Value for Money

Pros: New feature are constantly being added. The support team is quick to get back with questions and issues.

Cons: Upgrading it is a major pain / undertaking. Each time we need to upgrade the system we have to do the equivalent of installing it from scratch.

Vendor Response

by Black Duck on August 28, 2017

We are glad you are pleased with our new features and the support you have received. We recently released a new deployment architecture with Hub 4.0, which should help alleviate some of that pain. In fact, our VP of Engineering just released this video https://www.youtube.com/watch?v=kvkqzFm4bgA to help answer some of the customer questions we¿ve received. Your CSM will be in touch to help answer any additional questions. In the meantime, please reach out to support.

Modern Open Source Manger

Jun 28, 2017
5/5
Overall
5 / 5
Ease of Use
5 / 5
Features & Functionality
5 / 5
Customer Support
5 / 5
Value for Money

Pros: The thing I like most about the Hub is the integrations. Engineers are moving toward a more automated build process and a have a tool that can support that is very nice.

Vendor Response

by Black Duck on August 09, 2017

Thank you for reviewing the software. We agree that integrations are very important, particularly for organizations using continuous integration in their SDLC.

It seems complex but usable

Jun 26, 2017
5/5
Overall
3 / 5
Ease of Use
4 / 5
Features & Functionality
5 / 5
Customer Support
4 / 5
Value for Money

Pros: Support is robust, and technically competent. We've had to use support a few times, and while the problems were complex the engineers were diligent about resolving the issue.

Cons: The ability to find independent information from users about this software is nearly impossible. I'm not sure why that is.

Vendor Response

by Black Duck on August 09, 2017

Thank you for the feedback. We're glad our support team has been able to help you. Please reach out to them if you have any other questions.

Black Duck met Entersekt¿s checklist of what we needed in an OSS management solution.

Jun 01, 2017
4/5
Overall
3 / 5
Ease of Use
4 / 5
Features & Functionality
5 / 5
Customer Support
4 / 5
Value for Money
Likelihood to Recommend: 10.0/10 Not
Likely
Extremely
Likely

Pros: Seamless integration & ease of use; Relevant feedback; Earlier in the SDLC; Real-time and continuous monitoring; Automated Notifications; Easy-to-digest reports with minimal false positives; Jenkins support & secure scanning; Code doesnt leave intranet; Identify open source licenses

Cons: The navigation of the UI can do with some more intuitive organization potentially with some contextual assistance to interpret what the summary number mean exactly on some of the report screens.

Vendor Response

by Black Duck on August 09, 2017

Thank you for sharing a review, Philip! Your feedback helps us improve our product, and we look forward to future discussions with you.

Sep 26, 2017
4/5
Overall
5 / 5
Ease of Use
3 / 5
Features & Functionality
4 / 5
Customer Support
4 / 5
Value for Money
Likelihood to Recommend: 5.0/10 Not
Likely
Extremely
Likely