Listing Thumbnail

    Black Duck Application Security Testing (AST) for AWS

     Info
    Deployed on AWS
    Application security tools and services that integrate security testing into DevOps workflows. Available via Private Offer.
    4.1

    Overview

    Play video

    Black Duck helps you build trust in your software by enabling you to manage application security, quality, and compliance risks at the speed your business demands. Our application security tools and services integrate directly with your existing AWS environment. Optimize your DevOps workflows and transform the way you build and deliver software by aligning people, processes, and technology to intelligently address software risks across your portfolio and at all stages of the application lifecycle. Pricing listed is for Black Duck Binary Analysis - contact Black Duck for additional products and Private Offer pricing.

    Highlights

    • Secure code as fast as you write it: Find and fix security defects in both your code and open source dependencies, directly within the IDE, with Code Sight.
    • Automate testing without compromising velocity: Integrate and automate security, quality, and compliance analysis source code, binaries, and IaC into your CI pipelines with Coverity SAST, Black Duck SCA and Black Duck Binary Analysis. Automate testing and detection of vulnerabilities and data leakage issues in cloud applications and microservices with Seeker IAST. Identify hidden zero-day vulnerabilities and reliability defects in IoT and network device software with Defensics Fuzzing.
    • Identify and focus on the highest risk security defects: Cut through the noise of AST findings with Software Risk Manager machine learning-based vulnerability correlation and prioritization that focuses remediation efforts on issues that pose the highest business risk. Correlate and prioritize findings across your AST tools and activities with Software Risk Manager to focus remediation efforts where they will have the greatest impact.

    Details

    Delivery method

    Deployed on AWS
    New

    Introducing multi-product solutions

    You can now purchase comprehensive solutions tailored to use cases and industries.

    Multi-product solutions

    Features and programs

    Financing for AWS Marketplace purchases

    AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
    Financing for AWS Marketplace purchases

    Pricing

    Black Duck Application Security Testing (AST) for AWS

     Info
    Pricing is based on the duration and terms of your contract with the vendor. This entitles you to a specified quantity of use for the contract duration. If you choose not to renew or replace your contract before it ends, access to these entitlements will expire.
    Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator  to estimate your infrastructure costs.

    12-month contract (1)

     Info
    Dimension
    Description
    Cost/12 months
    BD Binary Cloud - 50
    Black Duck Binary Cloud 50 Team Members Annual License
    $52,500.00

    Vendor refund policy

    All fees are non-refundable

    How can we make this page better?

    Tell us how we can improve this page, or report an issue with this product.
    Tell us how we can improve this page, or report an issue with this product.

    Legal

    Vendor terms and conditions

    Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .

    Content disclaimer

    Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.

    Usage information

     Info

    Delivery details

    Software as a Service (SaaS)

    SaaS delivers cloud-based software applications directly to customers over the internet. You can access these applications through a subscription model. You will pay recurring monthly usage fees through your AWS bill, while AWS handles deployment and infrastructure management, ensuring scalability, reliability, and seamless integration with other AWS services.

    Resources

    Vendor resources

    Support

    Vendor support

    Online, email and phone support available.

    AWS infrastructure support

    AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.

    Similar products

    Customer reviews

    Ratings and reviews

     Info
    4.1
    31 ratings
    5 star
    4 star
    3 star
    2 star
    1 star
    58%
    29%
    7%
    3%
    3%
    0 AWS reviews
    |
    31 external reviews
    External reviews are from G2 .
    Computer Software

    Excellent Visibility into Open-Source Vulnerabilities

    Reviewed on Jun 28, 2026
    Review provided by G2
    What do you like best about the product?
    Black Duck provides excellent visibility into open-source vulnerabilities. It makes it very easy to track our dependencies and confirm we aren’t shipping code that contains known security flaws.
    What do you dislike about the product?
    At times, the scans return a high number of false positives, which creates extra manual work for our team to review and dismiss them.
    What problems is the product solving and how is that benefiting you?
    Black Duck helps us address the problem of hidden vulnerabilities in our open-source dependencies. The biggest benefit is that it significantly reduces our security risk by enabling developers to spot and remediate issues well before they make it into production.
    Md Sarfaraz H.

    Comprehensive Visibility into Open-Source Dependencies and Security Risks

    Reviewed on Jun 25, 2026
    Review provided by G2
    What do you like best about the product?
    like that Black Duck makes it easy to identify open-source components and track security vulnerabilities. It gives clear visibility into the libraries being used and helps ensure that applications remain secure and compliant.
    What do you dislike about the product?
    While Black Duck is a useful tool, the user interface can sometimes feel complex, especially for new users. Some scans may take longer than expected for large projects, and understanding certain reports can require additional knowledge or training. Improving the dashboard's simplicity and report readability would enhance the overall user experience.
    What problems is the product solving and how is that benefiting you?
    Black Duck helps identify security vulnerabilities and license compliance issues in open-source components used within applications. This allows us to detect potential risks early, maintain compliance, and improve application security. It also reduces the manual effort required to track dependencies, helping us save time and focus on other critical tasks.
    VIVEK S.

    Powerful Open-Source Risk Management, Needs Easier Setup

    Reviewed on May 18, 2026
    Review provided by G2
    What do you like best about the product?
    I appreciate how Black Duck reduces audit stress with its automated compliance reporting. It strengthens DevSecOps workflows by embedding open-source risk management directly into the CI/CD process. I find the detailed dashboards for audits very useful, and I like the customizable rules for governance offered by the policy control features.
    What do you dislike about the product?
    The UI sometimes feels dated and requires expertise to configure effectively. Additionally, the setup is heavy and tough, with a need to make it lighter and reduce the installation process.
    What problems is the product solving and how is that benefiting you?
    Black Duck helps manage open-source risks by detecting vulnerabilities and ensuring license compliance. It automates compliance reporting, reducing audit stress, and strengthens DevSecOps workflows by integrating risk management into CI/CD pipelines.
    Renato Z.

    High-Performing and Effective, with Appreciated Automatic Alerts

    Reviewed on Apr 07, 2026
    Review provided by G2
    What do you like best about the product?
    Perfoming and effective. Automatic alerts are really appreciated and
    What do you dislike about the product?
    Prices are not affordable and UX interface not so easy. Sometimes scanning are a little slow
    What problems is the product solving and how is that benefiting you?
    Black Duck helped us to understand where our code was not performing well. We improved visibility and we were able to keep under control security and legal risks
    Lokesh T.

    Powerful SCA Tool with Extensive Knowledge, but Resource-Heavy On-Prem Deployment

    Reviewed on Oct 17, 2025
    Review provided by G2
    What do you like best about the product?
    I found it as a best SCA tool, where its engine is very powerful in identifying Open source issues, And the main thing is that its Black Duck Knowledge is very huge
    What do you dislike about the product?
    The only drawback is it require huge resource to deploy in on-prem
    What problems is the product solving and how is that benefiting you?
    It solves addressing Open Source Issues basically its a Software composition Analysis tool.
    View all reviews