Reviews from AWS Marketplace
0 AWS reviews
-
5 star0
-
4 star0
-
3 star0
-
2 star0
-
1 star0
External reviews
External reviews are not included in the AWS star rating for the product.
Black Duck: Great for Open Source Governance
What do you like best about the product?
Black Duck help company in easy and compleate governance of open source use.
People can manage legal, security and operational risks using Black Duck Tools like Black Duck Hub, a really complete ad useful platform to monitor open source components in your software also as part of Continuos Integration/Continuos Delivery cycle.
People can manage legal, security and operational risks using Black Duck Tools like Black Duck Hub, a really complete ad useful platform to monitor open source components in your software also as part of Continuos Integration/Continuos Delivery cycle.
What do you dislike about the product?
Not so much detailed documentation available.
What problems is the product solving and how is that benefiting you?
We are helping our customer and internal Business Line in a better governance open source usage and in monitoring and managing legal, security and operational risks in using open source components.
- Leave a Comment |
- Mark review as helpful
Black Duck is the way to go for your open source code management
What do you like best about the product?
The ease of identifying and managing the open source code and as well examining the source code for vulnerabilities and specifically the hidden security vulnerabilities is amazing. This is the product that every organization should look out to manage the source code for identifying quickly about vulnerabilities, open source code license management which can be lethal if ignored. Easily integrates with your current CI engines and sets the pace for your time to market.
The Web UI is well built, easy to navigate and makes the experience so easy to handle the product.
Easy docker based hub installation.
The Web UI is well built, easy to navigate and makes the experience so easy to handle the product.
Easy docker based hub installation.
What do you dislike about the product?
The product is really amazing already. Hub knowledge bases are huge and growing day by day. Suggest black duck to update the KBs quickly. And may be a web link shared to all the customers, who can post about the new open source bundle to fasten the on boarding of the new item. Black Duck is a duckling and is growing fast.
What problems is the product solving and how is that benefiting you?
Ease in identifying the security exposures and hidden vulnerabilities created by open source components.
Time to market is faster for identifying the vulnerabilities early during the development stage.
open source license management becomes so easy now.
Time to market is faster for identifying the vulnerabilities early during the development stage.
open source license management becomes so easy now.
Fast scanning, good ID of open source vulnerabilities, but workflow is lacking
What do you like best about the product?
The Hub product is very fast at scanning our software. The Knowledge Base has improved so it is correctly identifying open source components most of the time. The UI is fast and nice looking.
What do you dislike about the product?
Still too many incorrect identifications. There is no support for a workflow to manage mitigations of vulnerabilities in a particular component in one version of a project, then apply those comments and actions to future versions, or to the same component in other projects. It doesn't keep history of changes (updates to component matches, or mitigations), doesn't allow rolling back changes in a consistent way. The flow in the UI is very inefficient -- often way too many clicks to get to related information, hard to discover many of those pages. Then when you go back it loses the originally selected item, so you have to remember it, possibly scroll to the bottom and click to advance to the right page, and find the item.
What problems is the product solving and how is that benefiting you?
We have customers who scan our software with Black Duck. Having it inhouse enables us to find reported vulnerabilities in our software before we ship it, or to find out about newly discovered vulnerabilities in our existing code before customers do, so we can fix things before they ship, or be ready with information for customers.
Open Source Software - Security tools
What do you like best about the product?
Impressed with the Blackduck offerings to scan and manage OpenSource software, their service, and the response time .
Very detailed information on licensing and vulnerability for the open source software .
UI and the usability of the tool and its plugins makes it easier to use.
Best in class tools
Very detailed information on licensing and vulnerability for the open source software .
UI and the usability of the tool and its plugins makes it easier to use.
Best in class tools
What do you dislike about the product?
Nothing to dislike in particular, however there are some short comings meeting up to our enterprises requirements, which is being addressed by BlackDuck product team
What problems is the product solving and how is that benefiting you?
Opensource software scanning
Essential!
What do you like best about the product?
Black Duck has a long history of being the industry leader in open source scanning. Their new Black Duck Hub product is a refreshingly easy to use product that meets the majority of our needs and allows us to proceed with confidence that we are accurately accounting for our open source use.
What do you dislike about the product?
While the product does meet the majority of our needs, it doesn't meet every need. However, Black Duck is very responsive and receptive to feature requests. I also dislike the usage-based billing. The product is so easy to use that I want to scan more of my code more frequently, but the usage-based billing puts me at odds with that desire.
What problems is the product solving and how is that benefiting you?
This allows us to generate an inventory of all open source we are including in our products and thus mitigate our legal risk and protect our intellectual property.
Black Duck Hub
What do you like best about the product?
Deployment was not too difficult, site works well, customer support is responsive. The Hub supports mixed LDAP/interal db authentication.
What do you dislike about the product?
Some of the features we were interested in are still under development, due to be release later in the year.
Black Duck moved to a docker type of installation right after I deployed the solution. It would have been nice to have been given a heads up on this, I would have delayed a bit.
Black Duck moved to a docker type of installation right after I deployed the solution. It would have been nice to have been given a heads up on this, I would have delayed a bit.
What problems is the product solving and how is that benefiting you?
Open source licensing, security an operational risk analysis.
showing 21 - 26