TMCnet News

Black Duck Hub Provides Most Comprehensive and Earliest Alerts on New Open Source Vulnerabilities
[August 04, 2015]

Black Duck Hub Provides Most Comprehensive and Earliest Alerts on New Open Source Vulnerabilities


Black Duck Software, a global leader in providing solutions for securing and managing open source software, today announced the availability of Black Duck Hub 2.2, including new, extended open source security vulnerability intelligence, providing vulnerability data beyond what is offered in the National Vulnerability Database (NVD).

VulnDB, a new vulnerability data source embedded in Black Duck's Hub 2.2 product release, alerts customers to newly reported vulnerabilities on average three weeks sooner than NVD in 2015.

Reporting on 38 percent more vulnerabilities than NVD, VulnDB provides more comprehensive detail on each vulnerability, recommends use of the open source software version that is free of known vulnerabilities and advises on remediation steps. Customers can protect their applications from attackers by proactively identifying where known vulnerabilities exist in their open source code within days of avulnerability being publicly reported.



"Finding open source vulnerabilities in our NFV orchestration software products manually is a burdensome process. Manual testing often yields incomplete lists requiring additional time and effort to secure software releases. With the Black Duck Hub and its VulnDB, our software team can quickly extrapolate vulnerability points and identify safe open source components. Overture can hold the line and release products quickly and securely with the Black Duck Hub," said Richard Jenny, Director, Engineering Program Management & DevOps at Overture Networks (News - Alert).

With this release, the Black Duck Hub also adds new support for additional programming languages, now identifying known vulnerabilities for Java, C, C++, C#, RubyGems, Nuget, JavaScript and Scala. Further, the Black Duck Hub continuously monitors for new vulnerabilities reported against open source software already in use.


Try the 14-day trial of the Black Duck Hub.

About Black Duck Software (News - Alert)

Organizations worldwide use Black Duck Software's industry-leading products to secure and manage open source software, eliminating the pain related to security vulnerabilities, compliance and operational risk. Black Duck is headquartered in Burlington, MA and has offices in Mountain View, CA (News - Alert), London, Frankfurt, Hong Kong, Tokyo, Seoul and Beijing. For more information, visit www.blackducksoftware.com.


[ Back To TMCnet.com's Homepage ]