Application Security

Black Duck Recognized as a Leader in SCA by Independent Research Firm

Black Duck receives highest possible scores in nine of the 25 criteria and second highest score overall in the current offering category.

Black Duck® Software, Inc. (“Black Duck”) today announced it has been recognized as a leader in The Forrester Wave™: Software Composition Analysis, Q4 2024. The report identifies the 10 most significant vendors in the software composition analysis (SCA) market and evaluates them against 25 criteria grouped into two high-level categories: current offering and strategy. Black Duck SCA received the highest possible scores in nine of the 25 criteria and the second-highest score overall in the current offering category.

The report states: “An astonishing 77% of codebases are comprised of open-source software, which means a considerable amount of an application’s risk is due to third-party sources. Application security and development leaders depend on SCA tools for insight into the security risks and licensing concerns associated with open-source and third-party libraries. SCA providers stand out by not only efficiently identifying and addressing security and license risks but also embracing use cases related to the software supply chain.”

Within the current offering category, Black Duck received the highest possible scores in the following criteria:

  • Component Identification & Analysis
  • License detection, analysis, & guidance
  • Risk intelligence
  • SBOM generation, export, and sharing
  • SBOM ingestion and analysis
  • Policy management
  • Language support

Within the strategy category, Black Duck received the highest possible scores in the following criteria:

  • Innovation
  • Supporting services and offerings

According to the report, “Black Duck Software offers exceptional open-source, third-party, and closed-source component and snippet analysis for vulnerability, license, and copyright detection. SBOM management, generation, export, ingestion, and analysis capabilities are among the best in this evaluation. Policy management is a strength, with more than 40 criteria for operational health, license risk, and security risk.”

“We’re proud to be recognized by Forrester as a leader in this evaluation just six weeks after launching Black Duck as an independent company,” said Jason Schmitt, CEO of Black Duck. “Identifying and managing risk in open source software components and the broader software supply chain is a critical part of building trust in your software. As a pioneer in software composition analysis with highly differentiated technology and an open-source database that has been developed and enhanced over several decades, Black Duck SCA is uniquely positioned to help organizations across all industries secure their software supply chains.”

Explore AITechPark for the latest advancements in AI, IOT, Cybersecurity, AITech News, and insightful updates from industry experts!

Related posts

Snyk unveils advancements during October SnykLaunch at the DevSecCon

GlobeNewswire

Onapsis announced a series of strategic expansion & new Exec hire

Business Wire

ColorTokens Wins at Cyber Security Global Excellence Awards

Business Wire