Black Duck is a Leader in the 2024 Forrester Wave™ for SCA

Black Duck has been recognized as a Leader in The Forrester Wave: Software Composition Analysis, Q4 2024. The report was based on an evaluation of the top 10 SCA providers against 25 criteria grouped into two broad categories: Current Offerings and Strategy.

 

SCA providers were evaluated based on their:

  • Comprehensive, enterprise-class SCA capabilities
  • Ability to prioritize and remediate open source license risk and vulnerabilities
  • Ability to integrate with common SDLC automation tools
  • Ability to generate Software Bills of Materials (SBOMs)
  • And more

 

Download the report now to learn how Black Duck and other SCA providers are responding to the critical issues in software security.


“An astonishing 77% of codebases are comprised of open-source software, which means a considerable amount of an application’s risk is due to third-party sources. Application security and development leaders depend on SCA tools for insight into the security risks and licensing concerns associated with open-source and third-party libraries. SCA providers stand out by not only efficiently identifying and addressing security and license risks but also embracing use cases related to the software supply chain.”

The Forrester Wave™: Software Composition Analysis

Q4 2024 Forrester Research, Inc.

Among the 10 SCA providers evaluated, Black Duck received:

  • The second-highest score in Current Offering
  • A tie for the highest score possible in the Component Identification and Analysis criteria and the License Detection, Analysis, and Guidance criteria within Current Offering
  • A tie for the highest score possible in the SBOM Generation, Export, and Sharing; SBOM Ingestion and Analysis; and Policy Management criteria within Current Offering
  • Among the highest-possible scores in the Innovation and Supporting Services and Offerings criteria within Strategy
  • Among the highest-possible scores in the Risk Intelligence and Language Support criteria within Current Offering

“Black Duck Software offers exceptional open-source, third-party, and closed-source component and snippet analysis for vulnerability, license, and copyright detection. SBOM management, generation, export, ingestion, and analysis capabilities are among the best in this evaluation. Policy management is a strength, with more than 40 criteria for operational health, license risk, and security risk.”

The Forrester Wave™: Software Composition Analysis

Q4 2024 Forrester Research, Inc.