Black Duck Hub

Black Duck Hub

Complete open source management solution

4.2/5 (28 avis)

Black Duck Hub - Présentation

Black Duck Hub is an open source management software for web developers to discover, monitor and manage open source security vulnerabilities and license compliance. Black Duck Hub enables users to automate the process of securing open source software and managing security vulnerabilities and open source license compliance and operational risk with scanning, monitoring, alerting technology.

Prix

À partir de
N/A
Types de licence
version d'essai gratuite
Abonnement
Rapport qualité-prix

Appareils

Type d'entreprise

S
M
L

Disponible dans les pays suivants

États-Unis

Langues

anglais

Black Duck Hub - Avis

Note globale
4.2/5
82% d'avis positifs
11
Excellent
12
Très bien
4
Moyen
1
Médiocre
0
Mauvais
Rajiv A.
Traduire avec Google Translate

The ease of identifying and managing the open source code vulnerabilities and license risks.

Logiciel utilisé tous les jours pendant 6 à 12 mois
Publié le 29/08/2017
Provenance de l'avis : Capterra

Ease in identifying the security exposures and hidden vulnerabilities created by open source components.
Time to market is faster for identifying the vulnerabilities early during the development stage.
open source license management becomes so easy now.

Avantages

The ease of identifying and managing the open source code and as well examining the source code for vulnerabilities and specifically the hidden security vulnerabilities is amazing. This is the product that every organization should look out to manage the source code for identifying quickly about vulnerabilities, open source code license management which can be lethal if ignored. Easily integrates with your current CI engines and sets the pace for your time to market. Ease in identifying the security exposures and hidden vulnerabilities created by open source components.
Time to market is faster for identifying the vulnerabilities early during the development stage.
open source license management becomes so easy now.
The product is really amazing already. Hub knowledge bases are huge and growing day by day.

Inconvénients

Improve in reporting, and better API experience. Black Duck is a duckling and is growing fast.Suggest black duck to update the KBs quickly.

Note détaillée

Rapport qualité-prix
Simplicité d'utilisation
Support client

Probabilité de recommander le produit

10.0/10
Marco I.
Traduire avec Google Translate

Using Black Duck HUB for Open Source Governance in software projects.

Logiciel utilisé tous les jours pendant 1 à 5 mois
Publié le 30/09/2017
Provenance de l'avis : Capterra

We are working in improving Open Source Culture in our Company and Customers: Black Duck HUB is a very good tool for awareness about legal, security and operational risks in using Open Source Components.

Avantages

We are working in improving Open Source Culture in our Company and Customers: Black Duck HUB is a very good tool for awareness about legal, security and operational risks in using Open Source Components.
A very good thing is that it provide features for code scanning, independently from language and technology, also integrated with CI/CD tools like Jenkins.
The GUI is very easy to use and intuitive, the dashboard give a lot of information about Open Source Components in the project and you can take advantage of notification about new vulnerability.
In the latest versions Back Duck Hub is also improved in remediation suggestions about vulnerability.
Black Duck provide also good reports and you can customize it using restful API and direct access to a Report Database.
What is more it is really easy to install, we use the docker compose version: just install Docker, download images and run a command to set up the environment or upgrade to a new version!
Last but not least the technical support and customer care is really good.

Inconvénients

Black Duck HUB is a quite new product, despite it has very famous and consolidate ancestors like Protex. So some features can improve and better meet users needs, especially about reports and API. Also documentation can improve .

Note détaillée

Rapport qualité-prix
Simplicité d'utilisation
Support client

Probabilité de recommander le produit

10.0/10
Emmanuel C.
Traduire avec Google Translate

Excellent open source governance tool!

Logiciel utilisé tous les jours pendant 6 à 12 mois
Publié le 25/07/2017
Provenance de l'avis : Capterra

Avantages

I love the speed and overall simplicity of the application. It does a good job of finding most open source packages and performs identification automatically. It is very useful to see where a component is being used across my organization, as well as see other factors beyond license risk like security and operational risk.

Inconvénients

The application is expensive due to the billing model that enforces a quota on amount of code scanned. This disincentivizes me to use the application when I would ordinarily want to scan as much of my code as possible due to its ease of use. It has fewer features when compared to Protex, but Black Duck is slowly resolving this.

Traduire avec Google Translate

Réponse de Black Duck

Thank you for your feedback, we love hearing from our customers. You are correct ¿ Hub features are continually improved and we hope you are staying up to date and enjoying the new features. We have been working hard to close the gap on feature differences, and most will be available in Hub by end of the year. Additionally, Hub has many features not available in Protex, including showing security vulnerabilities. If you haven¿t already checked it out, check out one of our favorite new features in this video (https://www.youtube.com/watch?v=_4v2WwVQs1I) ¿ Hub Detect!

Note détaillée

Rapport qualité-prix
Simplicité d'utilisation
Support client

Ramani S.
Traduire avec Google Translate

So far my experience with BlackDuck is great. I have seen almost positive response pretty much

Logiciel utilisé toutes les semaines pendant plus d'un an
Publié le 29/06/2017
Provenance de l'avis : Capterra

Avantages

I like BD Hub when compare to Protex and CodeCenter. It's easy to handle and all in place rather than 2 legs at 2 different places. I have seen little issue with GUI provided along with Hub bit it's managable. The integration with Hub was easy along with Jenkins, Coverity, Jira and other tools. If properly integrated BD Hub along with Jenkins then the issue can be identified with Opertaional/Vulnerability/License much earlier than later. The Hub version of current one in-terms installation looks easy as one bundle instead of few different add-ons as prior. I had little issues while installation since of pre required suff with Linux lsb since it had multiple dependencies, otherwise it was easy to breeze through. Overall, my experience is good so far.

Inconvénients

I have only exposures to 3 BD softwares Protex, CodeCenter and Hub. Out of it, I like Protex as least one. Since it was NOT very much user friendly. It's my experience but could have been better.

Traduire avec Google Translate

Réponse de Black Duck

Thank you for sharing your feedback. We agree with you - the integrations for Hub make identifying open source risks earlier in the SDLC much simpler. Please reach out to support if you have any questions.

Note détaillée

Rapport qualité-prix
Simplicité d'utilisation
Support client

Franklin D.
Traduire avec Google Translate

Pretty good at finding vulnerabilities; workflow to keep track of mitigations is hopeless

Logiciel utilisé tous les mois pendant plus de deux ans
Publié le 28/07/2017
Provenance de l'avis : Capterra

We are able to anticipate the issues that our customers will find in our software when they scan it with Black Duck, before we ship to them. Thus, we can mitigate problems before they go out the door.

Avantages

The new Hub product is very fast to scan software, and the UI is responsive and nice-looking. The Black Duck team is responsive to problems. They have made some of the improvements we've requested.

Inconvénients

There is no support for a workflow that keeps track of changes we make. There's no history of comments or changes. Updates made to one version of a project are not easily available to other versions, or to other projects that use the same components. It is frustrating to navigate -- often too many clicks to get to a related view, and then the scroll position is lost when you go back so you have to remember where you were, click to successive pages... clunky.

Traduire avec Google Translate

Réponse de Black Duck

Thanks so much for your review ¿ we always value feedback and while we appreciate your complements, we also really appreciate your feedback on areas of improvement. As always, our product team values your insights to improve the experience and keep the bar high. Regarding change history and UI issues, we are working to continue improving this area, including visibility and ease of use in upcoming releases. Our latest 4.0 release made some changes to improve UI navigation (especially when navigating back to list screens) that should help ¿ please check it out and let us know your thoughts! Thanks again for your feedback.

Note détaillée

Rapport qualité-prix
Simplicité d'utilisation
Support client

Probabilité de recommander le produit

6.0/10

Black Duck Hub - Prix

À partir de
N/A
Types de licence
version d'essai gratuite
Abonnement
Rapport qualité-prix

Contact Black Duck Hub for detailed pricing information.

Black Duck Hub - Fonctionnalités

  • API
  • Audit
  • Gestion des stratégies
  • Intégration de tiers
  • Monitoring

  • Alertes et remontée des problèmes
  • Authentification
  • Authentification unique
  • Authentification à 2 facteurs
  • Contrôle d'accès
  • Gestion de la conformité
  • Gestion des autorisations
  • Gestion des mots de passe
  • Gestion des utilisateurs
  • Notifications automatiques
  • Piste d'audit
  • Rapports et statistiques
  • Surveillance en temps réel
  • Sécurité SSL
  • Tableau de bord d'activités

Plus d'informations sur Black Duck Hub

Black Duck Hub - Principales fonctionnalités

  • API
  • API availability
  • Activity monitoring
  • Activity tracking
  • Agile development
  • Application security
  • Approval process control
  • Asset tracking
  • Audit management
  • Automated scanning
  • Bills of material
  • Binary separation
  • Container security
  • Data mapping
  • Knowledge base
  • License management
  • Open source audits
  • Open source compliance
  • Open source security
  • PDF protection
  • Policy management
  • Progress tracking
  • Risk assessment
  • Third party integration
  • Tracking features
  • Trial license
  • Vulnerability analysis
  • Vulnerability data

Avantages

  • Detect partial and modified components.
  • Identify and inventory open source software used in applications.
  • Map components to known vulnerabilities and license requirements.
  • Continuously monitor and alert for new open source vulnerabilities.
  • Assist teams in remediation with orchestration and policy enforcement.

  • Black Duck Hub - FAQ

    Voici quelques-unes des questions fréquentes sur Black Duck Hub.

    Q. Quels sont les types de licence disponibles pour Black Duck Hub ?

    Types de licences disponibles pour Black Duck Hub :

    Type de licence: Abonnement

    version d'essai gratuite: Disponible

    Contact Black Duck Hub for detailed pricing information.

    Q. Quelles sont les principales fonctionnalités du logiciel Black Duck Hub ?

    Fonctionnalités du logiciel Black Duck Hub :

    • API
    • API availability
    • Activity monitoring
    • Activity tracking
    • Agile development
    • Application security
    • Approval process control
    • Asset tracking
    • Audit management
    • Automated scanning
    • Bills of material
    • Binary separation
    • Container security
    • Data mapping
    • Knowledge base
    • License management
    • Open source audits
    • Open source compliance
    • Open source security
    • PDF protection
    • Policy management
    • Progress tracking
    • Risk assessment
    • Third party integration
    • Tracking features
    • Trial license
    • Vulnerability analysis
    • Vulnerability data

    Q. Qui utilise Black Duck Hub ?

    Utilisateurs habituels du logiciel Black Duck Hub :

    Grandes entreprises, Entreprises de taille moyenne

    Q. Dans quelles langues Black Duck Hub est-il disponible ?

    Langues dans lesquelles Black Duck Hub est disponible :

    anglais

    Q. Quels sont les types de licence disponibles pour Black Duck Hub ?

    Types de licences disponibles pour Black Duck Hub:

    Abonnement

    Q. Black Duck Hub prend-il en charge les appareils mobiles ?

    Nous n'avons pas d'informations sur les appareils pris en charge par Black Duck Hub.

    Q. Avec quelles applications Black Duck Hub peut-il s'intégrer ?

    Applications s'intégrant à Black Duck Hub :

    Eclipse, Jira Service Desk, Microsoft Visual Studio Online, OpenShift

    Q. Quelles sont les ressources d'aide disponibles pour Black Duck Hub ?

    Ressources d'aide disponibles pour Black Duck Hub :

    Base de connaissances, Support en ligne, Support téléphonique