Black Duck named a Leader in the 2023 Gartner® Magic Quadrant™ for Application Security Testing for the seventh year

Delivering software that users trust

As the speed and complexity of software development increases—and high-impact security breaches become more frequent—security and development teams must integrate and automate effective security testing as part of their SDLC.

Black Duck continues to invest heavily in providing solutions to address the need for both speed and security.

• Continuous Dynamic™. Last June, we acquired WhiteHat Security (Continuous Dynamic), a leading provider of application security software-as-a-service (SaaS) solutions. The addition of Continuous Dynamic provides Black Duck with significant SaaS capabilities as well as market-leading dynamic application security testing (DAST) technology to strengthen the industry’s broadest AST portfolio.
• Next-generation Polaris services. Last November, we announced the general availability of two new fast application security testing (fAST) services optimized for speed and simplicity on the Black Duck Polaris™ Platform. Black Duck fAST Static and Black Duck fAST SCA services are built on the same powerful analysis engines as our market-leading Coverity^® Static Analysis and Black Duck^® SCA solutions—integrated and delivered from the cloud via the latest version of Polaris.
• DevOps integrations. Throughout the last year, we continued to optimize our AST solutions for developers and DevSecOps use cases, including enhancements to the Code Sight™ IDE plugin and a new GitHub Action for seamlessly integrating Black Duck, Coverity, and Polaris into CI/CD workflows.
• Cloud-native application security. We enhanced and optimized the Rapid Scan engine across our portfolio, enabling customers to find security weaknesses and hard-coded secrets in cloud-native technologies like infrastructure-as-code (IaC) templates, configuration files, and APIs. Rapid Scan supports more than 2,300 security checks and is now integrated into Code Sight, Coverity, Black Duck, Seeker®, and Polaris.
• Software supply chain security. We introduced several Black Duck enhancements to help customers better understand and manage the security risks in their software supply chains. These enhancements include malicious component detection, simplified remediation for vulnerable transitive dependencies, and major improvements in scanning speed and scalability.
• Artificial intelligence. We made significant investments in artificial intelligence over the past two years to advance the speed, accuracy, and actionability of all our products. Leveraging advanced artificial intelligence expertise in Black Duck, we built advanced machine learning and other AI technologies into the core of every product in the portfolio.