Reviews from AWS Marketplace
0 AWS reviews
External reviews
External reviews are not included in the AWS star rating for the product.
Black Duck is an excellent and reliable software to detect vulnerabilities and security risks.
What do you like best about the product?
Black Duck serves as a good platform to identify third party software risk factors. It can be easily integrated as part of CI/CD tools to scan security, license risk etc. It shows the exact break up of all the risky components of the binaries.
What do you dislike about the product?
It's very strict in compliance check so during upgradation of third party software it is difficult to ignore some of the risks. But that shows how efficient Black Duck software is. Also, using open source software creates license risks.
What problems is the product solving and how is that benefiting you?
Using Black Duck for binary scans as a part of DevOps activity to ensure the security and operation risk compliance that has helped to manage the risks and triage vulnerabilities in the software.
Very basic UI
What do you like best about the product?
Comprehensive analysis. It does a good job finding everything.
What do you dislike about the product?
The output sucks, there's no comprehensive reports or nice UI or anything. It's all very basic/raw. They expect you to take all that raw information and make your own "pretty" reports with it, they have no product that can do that nor do they have any recommendations on 3rd party vendors that will do it.
What problems is the product solving and how is that benefiting you?
Finding any open source being used either directly or indirectly (ie through libraries or libraries of libraries) and all licenses that are being used.
Really useful tool
What do you like best about the product?
It gives you the information about security issues and licence constraints of known 3rd party libraries your project is using. Usually you don't have control or knowledge over all 3rd party libraries used in your project; it is crucial to know whether current version has any kind of issues (security or licence). Having a tool to give you this information is a next level of quality of your product. It also suggests the update version with no known issues.
What do you dislike about the product?
I had an issue with it reporting a library version that officially wasn't released. It was hard to get additional details from the internet about that library to make an assessment. But that's not a big issue as it anyway suggested to update it to a later version.
Black Duck Hub provides excellent opportunities for finding vulnerabilities.
What do you like best about the product?
This is really an amazing and outstanding product that provides us a lot of information and it is progressing day by day with the passage of time. Hidden vulnerabilities and security exposures can easily and efficiently be identified with the help of this splendid software. Its interface is absolutely clean. Powerful tool for creating awareness related to legal security. Fit for open source packages. This software works very fast and really easy to scan. I love the integration offered by this software.
What do you dislike about the product?
I am fully satisfied with this software but I would say its reporting should be improved and it should have more preferable API experience. Another con is that users have to face difficulties while installing this software. Because of the billing model, this application seems to be quite expensive.
What problems is the product solving and how is that benefiting you?
For the business it is no doubt very useful and helps us in code security, quality analysis and audits. I can say in simple words that it saves user's time and it is one of our great benefits.
Recommendations to others considering the product:
IT field must try this tool. Even start from trial. Because of its being well-developed. Recommended!!
Makes open source security a breeze!
What do you like best about the product?
I like how easy it is to look up if you are affected by a security vulnerability. The product makes enforcing security policies so simple. Blackduck helps in detecting vulnerabilities before you use open source software and avoids unnecessary rework. The Black Duck KnowledgeBase is up to date and very informative. I can't t
What do you dislike about the product?
I can't think of anything I don't like about the product
Waste of money
What do you like best about the product?
The premise of the software is nice, but they did not deliver.
What do you dislike about the product?
Missed key open source licensing issues and locked us into a 2-year contract. Expensive with no benefit since we ended up needing to check all the open source code we had personally. If we hadn't we could have faced significant licensing issues. Not a legally sound solution for open source licensing management.
What problems is the product solving and how is that benefiting you?
Attempted to use BlackDuck for open source licensing management and, considering even a quick check found issues, realized it was a complete waste of money.
Recommendations to others considering the product:
Don't get locked into a contract, better yet don't sign up at all
It does what you need it to do.
What do you like best about the product?
It is very thorough. As a test I included a small snippet of code I copied from an obscure blog. It identified the code.
What do you dislike about the product?
It can be a pain at times with false alarms, and setup could be cleaner.
What problems is the product solving and how is that benefiting you?
It gave my management a safe feeling that our flagship enterprise product did not have any code that we were not entitled to.
Recommendations to others considering the product:
Use the trial and give it a good test.
Quality open source detection
What do you like best about the product?
It has a big knowledge base and when we started using it first for our new project to provide enhanced and ensured security, we were able to understand them quite easier, thanks to the intuitive design and user friendly approach of design and layout they have enforced and most importantly open source detection on all cross platform browsers and dependency information for different languages like C++ and Java.
What do you dislike about the product?
DevOps integration is a time consuming process and we had to wait for a day to get them completed and got to track the complete progress and also to enforce them in IDE, build CI tools and container deployment platforms all the time and time reactive dynamic features for code snippets are a hassle.
What problems is the product solving and how is that benefiting you?
It helps in code security audits, code quality analysis, and encryption audits which are out of our scope and saves us a lot of time in understanding the requirement documents and saves a lot of dollars for the client and the vendor in a way.
Recommendations to others considering the product:
Easy to use, understand the comprehensive data storage knowledge warehouse repository base
Difficult and tedious to use.
What do you like best about the product?
That it will, eventually, perform its task.
What do you dislike about the product?
It is difficult and tedious to use. That it is incapable of recognizing subtle differences in versions that do and don't matter. That its tasks require multiple steps that could be simplified.
What problems is the product solving and how is that benefiting you?
Managing software licenses for software components in our software.
Seems over-complicated
What do you like best about the product?
The quick response from the team to know if we can add it or if it is already approved
What do you dislike about the product?
There are so many different pages/screens where you have to enter information - I felt it could be consolidated - Also, it was like using DOS - If you don't search for exactly how the SW title and version were originally entered - The tool won't bring it up - Very frustrating - Could be more user-friendly & auto-fill when close - Like Google
What problems is the product solving and how is that benefiting you?
Once everything is entered properly - The turn-around time for answers was pretty fast
Recommendations to others considering the product:
It's hard to say since I am not sure if all of the issues were 100% Black Duck SW or a combo of it not playing well with the environment - So, I guess be sure to be clear on how well it operates in your environment