Application: Black Duck Software-Black Duck Hub

> PRODUCTS > Application: Black Duck Software-Black Duck Hub

Summary
Product

Black Duck Hub is an open-source security vulnerability management solution that can effectively resolve legal, security and operation issues related to open-source technology while utilizing the benefits of the open-source technology in various aspects including visibility improvement, management expansion, security reinforcement and external audit.

Characteristics

IDENTIFY
  • Automatic identification of an open-source technology in use
  • Mapping with known security vulnerabilities
  • Confirmation of license and community activity
SECURE
  • Analysis of CVSS metric and effects
  • Planning and tracking of improvement priorities
CONTROL
  • Monitoring of new security vulnerabilities
  • Listing and tracking of use
  • Notification and monitoring when a newly reported risk is confirmed

Expected Effects
  • Management of Security Vulnerabilities in an Open-source Technology
  • Verification and priority classification of security vulnerabilities on a used open-source technology.
  • Provision of an alternative solution for the open-source version with discovered security vulnerabilities.
  • Superior and quicker identification of security vulnerabilities through VulnDB- 40% more, up to 3 weeks quicker compared to NVD.

  • Effective Management of an Open-source Technology
  • Based on the world's largest open-source technology database.
  • Verification of open-source use, license version and maturity.

Deployment Method

- Black Duck Hub Architecture

Black Duck Hub Architecture

Construction Cases