• Software Categories
    View All
  • Company
    About UsVendors
Software Advice Logo
Home

/

Network Monitoring Software

/

Black Duck

Software Advice offers objective insights based on verified user reviews and independent product and market research. When our advisors match you to a software provider, we may earn a referral fee.
Overview
ReviewsAlternatives

Black Duck 2026: Benefits, Features & Pricing

On this page
  • Overview
  • Pricing and Plans
  • Features
  • Integrations
  • User Reviews

Overview

Black Duck
Black Duck
4.3
(31)

Pricing

Pricing available upon request

About Black Duck

From small businesses to large enterprises, the amount of open source code being used in software applications today is increasing substantially. Black Duck is the industry's leading solution for open source management and license compliance. The comprehensive Black Duck Knowledge Base contains over 4.5 million open source projects and 2,750 open source licenses, enabling our software to identify and mitigate critical risks in your applications and containers. Black Duck finds vulnerabilities and provides specific remediation guidance for eliminating these risks. In addition to source code, Black Duck Binary Analysis scans binary code for open source components. The tool continues to automatically monitor for new vulnerabilities that emerge throughout the development life cycle. For developers, security personnel, and legal teams alike, Black Duck provides the most complete security coverage and license compliance in the industry.

Black Duck Screenshots

0
0

Black Duck Pricing and Plans

Starting price: Pricing available upon request
Free Trial
Free Version

Black Duck Features

  • Popular features found in Network Monitoring
    Bandwidth Monitoring
    Baseline Manager
    Data Visualization
    Device Auto Discovery
    Incident Management
    IP Address Monitoring
    Network Analysis
    Patch Management
    Real-Time Data
    Simple Network Management Protocol (SNMP)
    Threshold Alerts
    Uptime Reporting
  • More features of Black Duck
    Activity Tracking
    API
    Application Security
    Audit Management
    Audit Trail
    Compliance Management
    License Inventory
    License Tracking
    Monitoring
    Policy Management
    Real-Time Notifications
    Reporting/Analytics
    Reporting & Statistics
    Risk Alerts
    Risk Assessment
    Security Auditing
    Third-Party Integrations
    User Management
    Vulnerability Scanning

Black Duck Integrations

Microsoft Visual Studio
Microsoft Visual Studio
Microsoft Azure
Microsoft Azure
Docker
Docker
OpenShift
OpenShift
Jira
Jira
Slack
Slack

See all 19 integrations

Black Duck User Reviews

Overall Rating

4.3

Ratings Breakdown

5

45%

4

39%

3

13%

2

3%

1

0%

Secondary Ratings

Ease of Use

3.7

Value for money

3.9

Customer support

4.2

Functionality

4.1

VR

Verified
Reviewer

Information Technology and Services

2-10 employees

Used other for less than 2 years

Review source

Reviewed April 2018

Ease of Use and extensible integration availability

5

Ratings Breakdown

5
Ease of use
5
Value for money
4
Customer support
5
Functionality
icon
Pros:
The integrations points are quite very wide and cater to whatever type of CI/ CDthat you may want to use, also, the IDE integrations are quite easy to deploy, thereby not locking you into a corner if your DevOps team are fixed on one particular type of technologies. Also, the accuracy and detection capability seems to be very solid
Cons:
not sure if there is something that i did not really like, maybe initially it did not have the code snippets, but that has been taken care of now ; giving the solution better capability and usage experience

Read More

TO

Tunde O.

Verified reviewer

Information Technology and Services

2-10 employees

Used other for less than 2 years

Review source

Reviewed July 2017

Super fast, neat and top notch solution for Software Composition Analysis

5

Ratings Breakdown

5
Ease of use
5
Value for money
4
Customer support
4
Functionality
icon
Pros:
The fact that it combines all three core areas of Open Source Security Management is a very deep advantage. whether the need is security or license risk management or operational risk concerns. Black Duck does it well and neat. Also, the scan speed helps you quickly make a good case within the shortest possible time. it can be delivered On premise, allowing the user company to keep their source code and not release their source code unlike some other solution.
Cons:
the fact that the code base monitored. would have been nice if the solution could be project based pricing or perhaps priced as a function of the number of lines of code. Nonetheless, still a fantastic tool

Vendor Response

Thank you for your feedback. We love hearing from our customers, and use this information to continuously improve our offering. Please contact support if you have any questions.

Replied August 2017

Read More

AW

Andrew W.

Used daily for less than 12 months

Review source

Reviewed June 2017

It filled the needs of our team.

3

Ratings Breakdown

4
Ease of use
5
Value for money
5
Customer support
4
Functionality
icon
Pros:
New feature are constantly being added. The support team is quick to get back with questions and issues.
Cons:
Upgrading it is a major pain / undertaking. Each time we need to upgrade the system we have to do the equivalent of installing it from scratch.

Vendor Response

We are glad you are pleased with our new features and the support you have received. We recently released a new deployment architecture with Hub 4.0, which should help alleviate some of that pain. In fact, our VP of Engineering just released this video https://www.youtube.com/watch?v=kvkqzFm4bgA to help answer some of the customer questions we¿ve received. Your CSM will be in touch to help answer any additional questions. In the meantime, please reach out to support.

Replied August 2017

Read More

MG

Mallika G.

Information Technology and Services

51-200 employees

Used daily for less than 12 months

Review source

Reviewed July 2017

Could be better for .Net applications.

4

Ratings Breakdown

5
Ease of use
3
Value for money
5
Customer support
4
Functionality
icon
Pros:
Reports are very good. Operational risk, License report etc are all very helpful. Could use more information for .Net applications though.
Cons:
KB isn't really that good for third party dlls etc for .Net applications. If the Jsons we send out to customer support could be automated as well (by Jenkins plugin) that'd be helpful instead of manually running them.

Vendor Response

We are glad that you find the reporting useful. Our recently released Hub Detect (in Hub 4.1) can generate Dry Runs, which should help with support processes. In addition, Hub Detect is also better at identifying Nuget packages. Documentation on how to set up Hub Detect can be found here: https://blackducksoftware.atlassian.net/wiki/spaces/INTDOCS/pages/49131875/Hub+Detect. We¿ll reach out to help answer any remaining questions you may have.

Replied August 2017

Read More

BS

Basma S.

Security and Investigations

1001-5000 employees

Used daily for less than 12 months

Review source

Reviewed June 2017

Stable Software to identify open source vulnerabilities

5

Ratings Breakdown

4
Ease of use
3
Value for money
5
Customer support
5
Functionality
icon
Pros:
It is very easy to use and integrate with the current continuous integration infrastructure. It is adding new features frequently to improve usability.
Cons:
The result from scanning is not always that great. It should focus on improving findings. There are a lot of false alarms that should be corrected to update its database. It should support more languages in future.

Vendor Response

Thank you for your review and we are glad you are enjoying the continued improvements. We are continuing to improve our language database and have recently released features in Hub 4.1 that should help improve scan results ¿ check out our new video blog that highlights these features here: https://www.youtube.com/watch?v=_4v2WwVQs1I. Your CSM will reach out to help you with your specific use cases.

Replied August 2017

Read More

NG

Naveen G.

Financial Services

1001-5000 employees

Used daily for less than 2 years

Review source

Reviewed August 2017

Technical Customer support is not good taking ages to resolve the issue

2

Web Interface and easy to the scan tool Web GUI performance is better then old version. Docker Containerized technology

Ratings Breakdown

2
Ease of use
1
Value for money
1
Customer support
3
Functionality
icon
Pros:
After upgrade to HUB4.0 software response is quick but lot of Issues with Certificates issues. Manual scan do not work on Linux servers

Vendor Response

Thanks for bringing this to our attention. We strive to make installs and upgrades as smooth as possible for our customers but unfortunately we can¿t always plan for all scenarios. We value your feedback and our support team will be reaching out.

Replied August 2017

Read More

MF

Mike F.

Financial Services

501-1000 employees

Used daily for less than 12 months

Review source

Reviewed July 2017

just started using it

4

list of open source licenses as well as where our code is using these to validate we are using them correctly

Ratings Breakdown

3
Ease of use
4
Value for money
5
Customer support
4
Functionality
icon
Pros:
right now we have it setup to automatically scan using bamboo as the scheduler, we also set it up to email users using the hub apis to get the "failures" out to let developers know where issues are
Cons:
being able to setup the repositories for internal vs externally facing code without getting help to do this

Vendor Response

Thanks for your review ¿ we¿re glad that you are able to understand your code better. Someone from our product team will be reaching out to better understand additional requirements and to help you get these deployed appropriately.

Replied August 2017

Read More

LF

Ludmila F.

Information Technology and Services

5001-10000 employees

Used other for less than 6 months

Review source

Reviewed July 2017

I couldn't find clear instructions on how to integrate scan with TFS builds.

4

Ratings Breakdown

2
Ease of use
4
Functionality
icon
Pros:
I like that identification of open source software is automatic for most part. Although after the first scan more than 800 open source component were not identified so I have to do it manually.
Cons:
It's different links to change license and version. It would be nice to have one location to make all changes if needed.

Vendor Response

Thanks for your feedback. Black Duck leverages multiple scanning techniques to get the most accurate number of matches for your codebase. We have launched Hub-Detect (https://www.github.com/blackducksoftware.com/hub-detect/), which is an umbrella implementation that leverages all our scanning techniques OTB! For your situation, you can invoke this implementation as a post-build step within your TFS job or alternatively, even run it from the command line. This ensures you have a single solution doing all your scans and ensuring you get complete results rolled up into your project. This implementation is available with your existing Hub license and can be downloaded from GitHub here (https://www.github.com/blackducksoftware.com/hub-detect/). As always, documentation for all our integrations will be on our public wiki space. Watch this space for the user guide at https://blackducksoftware.atlassian.net/wiki/spaces/INTDOCS/overview. Contact support if you need help.

Replied August 2017

Read More

TJ

Torsten J.

Automotive

10000+ employees

Used daily for less than 6 months

Review source

Reviewed July 2017

This product is very powerful in analyzing, but still a lot of Manual work has to be done.

4

abetter possibilty to assess open source software

Ratings Breakdown

3
Ease of use
4
Value for money
4
Customer support
5
Functionality
icon
Pros:
the automations, the huge nowledge base and last but not least automatic reports. two different views, modern and classic. Easy seraching and comparing of source code.
Cons:
the ease of use is unfortenatley complicated. In some cases it is unclear how to solve license conflicts for example. i would propose to make clearer what the detailed workflow steps for an analyze is.

Vendor Response

Thank you for your feedback, we are excited that the automations, knowledge base and automatic reports are working for you. Our engineering team will be reaching out to better understand your ease of use issues, including any specific feedback on licensing and analysis workflow required.

Replied August 2017

Read More

PB

Philip B.

Information Technology and Services

51-200 employees

Used weekly for less than 12 months

Review source

Reviewed June 2017

Black Duck met Entersekt's checklist of what we needed in an OSS management solution.

4

Ratings Breakdown

3
Ease of use
4
Value for money
5
Customer support
4
Functionality
icon
Pros:
Seamless integration & ease of use; Relevant feedback; Earlier in the SDLC; Real-time and continuous monitoring; Automated Notifications; Easy-to-digest reports with minimal false positives; Jenkins support & secure scanning; Code doesnt leave intranet; Identify open source licenses
Cons:
The navigation of the UI can do with some more intuitive organization potentially with some contextual assistance to interpret what the summary number mean exactly on some of the report screens.

Vendor Response

Thank you for sharing a review, Philip! Your feedback helps us improve our product, and we look forward to future discussions with you.

Replied August 2017

Read More

Showing 1 - 10 of 31 Reviews
See All Reviews

Black Duck Popular Comparisons

ESET Endpoint Security
ESET Endpoint Security vs Black Duck
Cloudflare
Cloudflare vs Black Duck
Compare All Alternatives

See what companies are saying about Software Advice