工具列表
Tool list
Blackduck(Synopsys)
Black Duck® 软件组件分析 (SCA) 帮助团队管理在应用和容器中使用开源和第三方代码所带来的安全、质量和许可证合规性风险。
Black Duck’s multifactor open source detection and KnowledgeBase of over 4 million components gives you an accurate Bill of Materials (BoM) for any application or container.
Black Duck Security Advisories help you avoid being caught off-guard by open source vulnerabilities, both in development and production. And they provide the critical data necessary to prioritize vulnerabilities for remediation, such as exploit info, remediation guidance, severity scoring, and call path analysis. Learn more about Black Duck's vulnerability database.
Black Duck automated policy management allows you to define policies for open source use, security risk, and license compliance up front, and automate enforcement across the software development life cycle (SDLC) with the tools your developers already use. Learn more about our DevOps Integrations.
