Black Duck Software's Black Duck Hub

摘要

A critical component of security management in today's enterprises involves identifying and tracking vulnerabilities in open-source code. To tackle this task, two natural partners—Black Duck Software and Risk Based Security— have joined forces to develop Black Duck Hub, a new solution that combines powerful open-source discovery with greater vulnerability intelligence to ensure higher levels of security in open-source software. Black Duck Hub helps customers identify security-related issues faster, prioritize remediation activity and implement proactive controls to avoid the use of vulnerable components. The power of the partnership between Black Duck and Risk Based Security is evident in the latter partner's VulnDB, a resource that extends the commonly used National Vulnerability Database by an additional 35,000 vulnerabilities, resulting in actionable intelligence for more than 119,000. The result, says Black Duck, is the ability for customers to take control of software and application security proactively.