Black Duck Hub Receives ‘Ready for IBM Security Intelligence’ Validation

Black Duck®, a global leader in automated solutions for securing and managing open source software, today announced that it has received IBM PartnerWorld’s Ready for IBM Security Intelligence designation for its Black Duck Hub security solution. As a result, Black Duck Hub has been validated to integrate with IBM Security AppScan to better protect customers around the world.

[easy-tweet tweet=”#CloudNews: @black_duck_sw receives ‘Ready for @IBM Security Intelligence’ validation” user=”comparethecloud”]

The technology integration allows organisations to identify and manage application security risks for both custom-developed and open source code through a single view within IBM Security AppScan that provides comprehensive information about vulnerabilities and the ability to manage remediation.

Black Duck Hub identifies and inventories the open source in applications and containers and maps any known security vulnerabilities by comparing the inventory against data from the National Vulnerability Database (NVD) and VulnDB. Hub also provides continuous monitoring for newly discovered open source vulnerabilities.

IBM® Security AppScan® Enterprise enables organizations to mitigate application security risk, strengthen application security program management initiatives and achieve regulatory compliance.

Organizations worldwide are struggling to keep their applications safe from vulnerabilities. Among their top challenges are visibility and control over risks in open source code. Thousands of new vulnerabilities in open source are reported annually and 98 percent of organizations are using more open source in their applications than they are aware of, leaving them exposed to vulnerabilities such as Heartbleed, Shellshock, Ghost or Venom.

“It’s not uncommon for open source software to make up 40 to 50 percent of a large organization’s code base. By integrating Black Duck Hub with AppScan, IBM customers will gain visibility into and control of the open source they’re using. This will enable them to better understand and reduce security risks,” said N. Louis Shipley, Black Duck CEO.

“We’re dedicated to enabling a holistic approach to enterprise application security management,” said Lawrence Gerard, Program Director, Application Security, IBM. “Through our technology integration with Black Duck, our joint customers will be able to identify and remediate security vulnerabilities in both their open source and custom code – all through IBM Security AppScan Enterprise. This gives them a more complete and effective way to manage application security.”

Key features available to IBM AppScan customers using Black Duck Hub:

  • Comprehensive identification of open source: Rapid scanning and identification of open source libraries, versions, license and community activities using the Black Duck® KnowledgeBase™ – the industry’s most complete database for open source
  • Assessment of open source risks: Automated mapping of open source inventory to known vulnerabilities
  • Integrated remediation orchestration and policy enforcement: Open source vulnerability remediation prioritization and mitigation guidance
  • Continuous monitoring for new security vulnerabilities: Ongoing monitoring and alerting on newly reported open source security vulnerabilities
+ posts


Related articles

Need to reduce software TCO? Focus on people

Investing in software is undoubtedly important for enterprises to stay ahead. However, the process is rarely a simple task for CIOs and IT leaders.

The future of cloud and edge optimisation

As more enterprises use multi-cloud and hybrid infrastructures, the danger of cost overruns and loss of control increases.

Here is how to stage a public cloud migration

As the relationships between CSPs and cloud providers are deepening, CSPs need to develop a clear strategy on how they add value to customer relationships.

The future of work is collaborative

As hybrid work models continue to gain traction, businesses will need to start implementing collaborative tools and processes to meet the needs and expectations of the upcoming workforce, seamlessly integrating them into existing workflows to enhance productivity and performance. Innovations in technology, including AI and machine learning, mean that organisations are in a better position than ever to shape the collaborative future of work – and with the right support in place, they can ensure that these digital tools continue to bring out the best in their workforce for years to come.

How Business Data Can Be Protected, Even with Remote Workers

According to a study conducted by OwlLabs, approximately 69% of survey respondents worked remotely during the pandemic or are now working from home since.


Please enter your comment!
Please enter your name here

Subscribe to our Newsletter