Overview
Black Duck by Synopsys gives you visibility into and control over open source risks within your applications and containers. Black Duck allows you to scan applications and container images, identify all open source components, and detect any open source security vulnerabilities, compliance issues, or code-quality risks. By deploying Black Duck on AWS and integrating it with the development tools you use in AWS, you can scan your cloud applications and images in your container registry, automate build scans in your CI pipeline, and stay notified on any security vulnerabilities or policy violations found in your open source code.
Highlights
- Scan code in your applications and containers to find open source related vulnerabilities in your codebase using the industry's most complete open source software KnowledgeBase for meta data on vulnerabilities and licensing.
- Ongoing monitoring and alerting on newly reported open source security vulnerabilities associated with open source in use.
- Set policies for open source projects, license types, and vulnerability tolerance. Quickly identify policy violations and manage exceptions by project and component.
Details
Pricing
Custom pricing options
Pricing is based on your specific requirements and eligibility. To get a custom quote for your needs, request a private offer.
Legal
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Support
Vendor support
Contact for Details