Black Duck Hub

Une solution de gestion complète en open source

4,2 /5 (28 avis) Donnez votre avis !

Black Duck Hub - Présentation

Description du logiciel Black Duck Hub

Black Duck Hub est un logiciel de gestion en open source qui permet aux développeurs web de découvrir, surveiller et gérer les vulnérabilités de sécurité en open source et la conformité des licences. Black Duck Hub permet aux utilisateurs d'automatiser les processus de sécurisation des logiciels en open source et de gestion des failles de sécurité, de conformité des licences en open source et des risques opérationnels grâce à des technologies de numérisation, de surveillance et d'alerte.

Black Duck Hub - Présentation

Prix

À partir de
N/A

Types de licence

Essai gratuit
Abonnement
Rapport qualité-prix

Black Duck Hub - Fonctionnalités

Appareils
Pour quelle entreprise ?
TPE PME GE
Disponible dans les pays suivants
États-Unis
Langues
anglais

Médias

View vulnerability data
Identify open source in code, binaries, and containers
Identify license and component quality risks
Set and enforce open source use and security policies
Vidéo de Black Duck Hub Capture d'écran pour Black Duck Hub : View vulnerability data Capture d'écran pour Black Duck Hub : Identify open source in code, binaries, and containers Capture d'écran pour Black Duck Hub : Identify license and component quality risks Capture d'écran pour Black Duck Hub : Set and enforce open source use and security policies

Black Duck Hub - Avis

Black Duck Hub - Avis

Note globale
4,2
/
5
Excellent
11

Très bien
12

Moyen
4

Médiocre
1

Mauvais
0

Rapport qualité-prix
3,8
Fonctionnalités
4
Simplicité d'utilisation
3,7
Support client
4,1
82% des utilisateurs recommandent cette application
Utilisateur vérifié

Ease of Use and extensible integration availability


Traduire avec Google Translate
Rajiv A.

The ease of identifying and managing the open source code vulnerabilities and license risks.

Ease in identifying the security exposures and hidden vulnerabilities created by open source components.
Time to market is faster for identifying the vulnerabilities early during the development stage.
open source license management becomes so easy now.


Traduire avec Google Translate
Pete T.

Great software which I believe in, but not a pain free experience.

Ability to detect open source vulnerabilities in our code.


Traduire avec Google Translate
Marco I.

Using Black Duck HUB for Open Source Governance in software projects.

We are working in improving Open Source Culture in our Company and Customers: Black Duck HUB is a very good tool for awareness about legal, security and operational risks in using Open Source Components.


Traduire avec Google Translate
Emmanuel C.

Excellent open source governance tool!


Traduire avec Google Translate
Utilisateur vérifié
Secteur d'activité: Services et technologies de l'information
Taille de l'entreprise: 2-10 employés
Traduire en français
Traduire en français

Ease of Use and extensible integration availability

Logiciel utilisé Autre pendant plus d'un an
Publié le 10/04/2018
Provenance de l'avis : GetApp

Avantages

The integrations points are quite very wide and cater to whatever type of CI/ CDthat you may want to use, also, the IDE integrations are quite easy to deploy, thereby not locking you into a corner if your DevOps team are fixed on one particular type of technologies. Also, the accuracy and detection capability seems to be very solid

Inconvénients

not sure if there is something that i did not really like, maybe initially it did not have the code snippets, but that has been taken care of now ; giving the solution better capability and usage experience

Note détaillée

Rapport qualité-prix
Simplicité d'utilisation
Support client

Probabilité de recommander le produit: 10.0/10

Rajiv A.
Traduire en français
Traduire en français

The ease of identifying and managing the open source code vulnerabilities and license risks.

Logiciel utilisé tous les jours pendant 6 à 12 mois
Publié le 29/08/2017
Provenance de l'avis : Capterra

Ease in identifying the security exposures and hidden vulnerabilities created by open source components.
Time to market is faster for identifying the vulnerabilities early during the development stage.
open source license management becomes so easy now.

Avantages

The ease of identifying and managing the open source code and as well examining the source code for vulnerabilities and specifically the hidden security vulnerabilities is amazing. This is the product that every organization should look out to manage the source code for identifying quickly about vulnerabilities, open source code license management which can be lethal if ignored. Easily integrates with your current CI engines and sets the pace for your time to market. Ease in identifying the security exposures and hidden vulnerabilities created by open source components.
Time to market is faster for identifying the vulnerabilities early during the development stage.
open source license management becomes so easy now.
The product is really amazing already. Hub knowledge bases are huge and growing day by day.

Inconvénients

Improve in reporting, and better API experience. Black Duck is a duckling and is growing fast.Suggest black duck to update the KBs quickly.

Note détaillée

Rapport qualité-prix
Simplicité d'utilisation
Support client

Probabilité de recommander le produit: 10.0/10

Pete T.
Secteur d'activité: Banque
Taille de l'entreprise: 1 001-5 000 employés
Traduire en français
Traduire en français

Great software which I believe in, but not a pain free experience.

Logiciel utilisé toutes les semaines pendant 6 à 12 mois
Publié le 26/07/2017
Provenance de l'avis : Capterra

Ability to detect open source vulnerabilities in our code.

Avantages

Ability to detect open source vulnerabilities in our code. Pre-sales contact & support was good (demo, trial etc). Clean interface. Performance improved in v4.0.0.

Inconvénients

Difficult installation process, made more complicated with the introduction of Docker in v4.0.0 & with introduction of mandatory SSL/TLS web server certificate which requires troubleshooting trust issues. Support team are reluctant to pick up the phone or enter into telephone support, with sporadic email communication being the favoured option. Some gaps in documentation. Why is there no pre-built Black Duck Hub virtual appliance that I can drop into VMware? No documentation for implementing with vSphere Integrated Containers (VIC), only documentation for Docker & Openshift. Reporting improvements still to be made.

Traduire en français

Réponse de Black Duck

Thank you for providing feedback about your experience with Black Duck Hub. We¿re so sorry you are having issues ¿ and we¿d like to work together to fix that. We have escalated your case so that we can resolve it quickly.

Our customer support team strives to provide support in the way that works best for you, so we noted in your account that you prefer to be reached via phone. A senior support representative will reach out to you via phone.

Many of the issues you experienced during deployment were due to our old AppMgr architecture. The new Docker deployment is a more stable environment built to fix many of the issues you experienced. The Docker deployment can be harder to implement and run the first time; our senior support representative will be guiding you through this process. We will do better next time you have an issue; please escalate any issues you have to your Customer Success Manager.

Note détaillée

Rapport qualité-prix
Simplicité d'utilisation
Support client

Probabilité de recommander le produit: 7.0/10

Marco I.
Secteur d'activité: Logiciels
Taille de l'entreprise: 1 001-5 000 employés
Traduire en français
Traduire en français

Using Black Duck HUB for Open Source Governance in software projects.

Logiciel utilisé tous les jours pendant 1 à 5 mois
Publié le 30/09/2017
Provenance de l'avis : Capterra

We are working in improving Open Source Culture in our Company and Customers: Black Duck HUB is a very good tool for awareness about legal, security and operational risks in using Open Source Components.

Avantages

We are working in improving Open Source Culture in our Company and Customers: Black Duck HUB is a very good tool for awareness about legal, security and operational risks in using Open Source Components.
A very good thing is that it provide features for code scanning, independently from language and technology, also integrated with CI/CD tools like Jenkins.
The GUI is very easy to use and intuitive, the dashboard give a lot of information about Open Source Components in the project and you can take advantage of notification about new vulnerability.
In the latest versions Back Duck Hub is also improved in remediation suggestions about vulnerability.
Black Duck provide also good reports and you can customize it using restful API and direct access to a Report Database.
What is more it is really easy to install, we use the docker compose version: just install Docker, download images and run a command to set up the environment or upgrade to a new version!
Last but not least the technical support and customer care is really good.

Inconvénients

Black Duck HUB is a quite new product, despite it has very famous and consolidate ancestors like Protex. So some features can improve and better meet users needs, especially about reports and API. Also documentation can improve .

Note détaillée

Rapport qualité-prix
Simplicité d'utilisation
Support client

Probabilité de recommander le produit: 10.0/10

Emmanuel C.
Traduire en français
Traduire en français

Excellent open source governance tool!

Logiciel utilisé tous les jours pendant 6 à 12 mois
Publié le 25/07/2017
Provenance de l'avis : Capterra

Avantages

I love the speed and overall simplicity of the application. It does a good job of finding most open source packages and performs identification automatically. It is very useful to see where a component is being used across my organization, as well as see other factors beyond license risk like security and operational risk.

Inconvénients

The application is expensive due to the billing model that enforces a quota on amount of code scanned. This disincentivizes me to use the application when I would ordinarily want to scan as much of my code as possible due to its ease of use. It has fewer features when compared to Protex, but Black Duck is slowly resolving this.

Traduire en français

Réponse de Black Duck

Thank you for your feedback, we love hearing from our customers. You are correct ¿ Hub features are continually improved and we hope you are staying up to date and enjoying the new features. We have been working hard to close the gap on feature differences, and most will be available in Hub by end of the year. Additionally, Hub has many features not available in Protex, including showing security vulnerabilities. If you haven¿t already checked it out, check out one of our favorite new features in this video (https://www.youtube.com/watch?v=_4v2WwVQs1I) ¿ Hub Detect!

Note détaillée

Rapport qualité-prix
Simplicité d'utilisation
Support client

Recommandation utilisateur
7,3/10
Basé sur 28 avis utilisateurs
Comparatif des alternatives : recommandation utilisateur
Comparer avec les alternatives

Black Duck Hub - Prix

Black Duck Hub - Prix

À partir de
N/A
Essai gratuit
Abonnement
Rapport qualité-prix
Rapport qualité-prix
3,8/5
Basé sur 28 avis utilisateurs
Comparatif des alternatives : rapport qualité-prix
Comparer avec les alternatives

Black Duck Hub - Fonctionnalités

Black Duck Hub - Fonctionnalités

API
Alertes de risque
Alertes et remontée des problèmes
Analyse de la vulnérabilité
Audit
Authentification
Authentification unique
Authentification à 2 facteurs
Contrôle d'accès
Gestion de la conformité
Gestion des mots de passe
Gestion des stratégies
Gestion des utilisateurs
Intégration de tiers
Monitoring
Rapports et statistiques
Stockage sécurisé des données
Suivi des activités
Surveillance en temps réel
Tableau de bord d'activités
Fonctionnalités
4/5
Basé sur 28 avis utilisateurs
Comparatif des alternatives : note sur les fonctionnalités
Comparer avec les alternatives

Catégories

Black Duck Hub - FAQ

Black Duck Hub - FAQ

Voici quelques-unes des questions fréquentes sur Black Duck Hub.

Q. Quels sont les types de licence disponibles pour Black Duck Hub ?

Types de licences disponibles pour Black Duck Hub :

Type de licence: Abonnement

Essai gratuit: Disponible

Q. Quelles sont les principales fonctionnalités du logiciel Black Duck Hub ?

Nous n'avons pas d'informations sur les fonctionnalités de Black Duck Hub.

Q. Qui utilise Black Duck Hub ?

Utilisateurs habituels du logiciel Black Duck Hub :

Grandes entreprises, Entreprises de taille moyenne

Q. Dans quelles langues Black Duck Hub est-il disponible ?

Langues dans lesquelles Black Duck Hub est disponible :

anglais

Q. Quels sont les types de licence disponibles pour Black Duck Hub ?

Types de licences disponibles pour Black Duck Hub:

Abonnement

Q. Black Duck Hub prend-il en charge les appareils mobiles ?

Nous n'avons pas d'informations sur les appareils pris en charge par Black Duck Hub.

Q. Avec quelles applications Black Duck Hub peut-il s'intégrer ?

Applications s'intégrant à Black Duck Hub :

Eclipse, Jira Service Management, Microsoft Visual Studio, OpenShift

Q. Quelles sont les ressources d'aide disponibles pour Black Duck Hub ?

Ressources d'aide disponibles pour Black Duck Hub :

Support téléphonique, Support en ligne, Base de connaissances