キャプテラ - 日本企業の最適な
ソフトウェア選びをサポートし17年

Black Duckとは?

Black Duckは、アプリケーションやコンテナでのオープンソースのコード使用に関するセキュリティ、ライセンス・コンプライアンス、コード品質リスクを管理するための包括的なソリューションです。Forresterが一流のソフトウェア・コンポジション解析 (SCA) ツールとして選定したBlack Duckは、サードパーティのコードに対して比類のない可視性を提供します。事業者がソフトウェア・サプライチェーン全体を管理し、修正作業の優先順位付けをすることが可能になります。

Black Duckの対象ユーザー

中小企業から大企業にわたるソフトウェア開発やセキュリティ・チーム。

Black Duckソフトウェア - 1

Black Duckをご存知でしょうか? 別の人気製品との比較

Black Duck

Black Duck

4.2 (29)
価格情報が見つかりません
無料バージョン
無料トライアル
24
23
3.7 (29)
3.8 (29)
4.1 (29)
VS.
価格プラン
価格オプション
機能
連携サービス
使いやすさ
価格の妥当性
カスタマーサービス
$40.00
無料バージョン
無料トライアル
157
6
4.5 (1,519)
4.6 (1,519)
4.6 (1,519)
緑色の評価バーは、平均評価とレビュー数に基づいて高評価の製品を表しています。

Black Duckの他のおすすめ代替製品

vRx
高評価の機能
パッチ管理
自動スキャン
自動パッチデプロイ
EZOfficeInventory
高評価の機能
在庫管理
在庫追跡
資産追跡
MySQL
高評価の機能
データセキュリティ
データベース・サポート
バックアップ、修復
6clicks
高評価の機能
インシデント管理
コンプライアンス管理
監査管理
Trend Micro Cloud One
高評価の機能
この製品の機能は、まだレビュアーから評価されていません。
LastPass
高評価の機能
パスワード同期
暗号化パスワード・ストレージ
認証管理
Teramind
高評価の機能
タスク管理
リモートアクセス/コントロール
従業員活動モニタリング
Pulseway
高評価の機能
サーバモニタリング
リアルタイムモニタリング
リモートアクセス/コントロール
WebTitan
高評価の機能
ネットワーク・セキュリティ
リアルタイムモニタリング
脅威対応

Black Duckの評判・レビュー

評価ポイント

総合評価
4.2
使いやすさ
3.7
カスタマーサービス
4.1
機能
4.0
価格の妥当性
3.8

企業規模(従業員数)別レビュー数

  • <50
  • 51-200
  • 201-1,000
  • >1,001

評価別レビュー

5
41%
4
41%
3
14%
2
3%
Sharique
Sharique
インドのDevOps Engineering Manager
認証済みLinkedInユーザー
病院、ヘルスケア, 5,001~10,000人規模の会社
使用期間: 1年以上
投稿経路

Black Duck - The goto tool for Software Composition Analysis

5.0 3 年前

製品を使ってみた感想: Excellent experience starting from the concept phase, evaluation phase and then later the complete implementation. Its a great tool in the domain of security and a must have

良いポイント:

An updated vulnerability list and ease of Maintainance and administration are the key features of the tool. Moreover, its a breeze to integrate with various CI/CD toolsets ensuring a great DevSecOps practice

改善してほしい点:

I guess in general DevSecOps is still a recent phenomenon and developers and engineers need to get themselves well acquainted with such security concepts

rajiv
インドのsenior specialist cloud architect
使用期間: 6~12か月
投稿経路

The ease of identifying and managing the open source code vulnerabilities and license risks.

5.0 7 年前

製品を使ってみた感想: Ease in identifying the security exposures and hidden vulnerabilities created by open source components.
Time to market is faster for identifying the vulnerabilities early during the development stage.
open source license management becomes so easy now.

良いポイント:

The ease of identifying and managing the open source code and as well examining the source code for vulnerabilities and specifically the hidden security vulnerabilities is amazing. This is the product that every organization should look out to manage the source code for identifying quickly about vulnerabilities, open source code license management which can be lethal if ignored. Easily integrates with your current CI engines and sets the pace for your time to market. Ease in identifying the security exposures and hidden vulnerabilities created by open source components. Time to market is faster for identifying the vulnerabilities early during the development stage. open source license management becomes so easy now. The product is really amazing already. Hub knowledge bases are huge and growing day by day.

改善してほしい点:

Improve in reporting, and better API experience. Black Duck is a duckling and is growing fast.Suggest black duck to update the KBs quickly.

Pete
ベルギーのInfrastructure & Security Manager
銀行, 1,001~5,000人規模の会社
使用期間: 6~12か月
投稿経路

Great software which I believe in, but not a pain free experience.

3.0 7 年前

製品を使ってみた感想: Ability to detect open source vulnerabilities in our code.

良いポイント:

Ability to detect open source vulnerabilities in our code. Pre-sales contact & support was good (demo, trial etc). Clean interface. Performance improved in v4.0.0.

改善してほしい点:

Difficult installation process, made more complicated with the introduction of Docker in v4.0.0 & with introduction of mandatory SSL/TLS web server certificate which requires troubleshooting trust issues. Support team are reluctant to pick up the phone or enter into telephone support, with sporadic email communication being the favoured option. Some gaps in documentation. Why is there no pre-built Black Duck Hub virtual appliance that I can drop into VMware? No documentation for implementing with vSphere Integrated Containers (VIC), only documentation for Docker & Openshift. Reporting improvements still to be made.

Synopsysからの返信

7 年前

Thank you for providing feedback about your experience with Black Duck Hub. We¿re so sorry you are having issues ¿ and we¿d like to work together to fix that. We have escalated your case so that we can resolve it quickly. Our customer support team strives to provide support in the way that works best for you, so we noted in your account that you prefer to be reached via phone. A senior support representative will reach out to you via phone. Many of the issues you experienced during deployment were due to our old AppMgr architecture. The new Docker deployment is a more stable environment built to fix many of the issues you experienced. The Docker deployment can be harder to implement and run the first time; our senior support representative will be guiding you through this process. We will do better next time you have an issue; please escalate any issues you have to your Customer Success Manager.

Marco
イタリアのSystem Analyst
コンピュータ・ソフトウェア, 1,001~5,000人規模の会社
使用期間: 1~5か月
投稿経路

Using Black Duck HUB for Open Source Governance in software projects.

5.0 7 年前

製品を使ってみた感想: We are working in improving Open Source Culture in our Company and Customers: Black Duck HUB is a very good tool for awareness about legal, security and operational risks in using Open Source Components.

良いポイント:

We are working in improving Open Source Culture in our Company and Customers: Black Duck HUB is a very good tool for awareness about legal, security and operational risks in using Open Source Components. A very good thing is that it provide features for code scanning, independently from language and technology, also integrated with CI/CD tools like Jenkins. The GUI is very easy to use and intuitive, the dashboard give a lot of information about Open Source Components in the project and you can take advantage of notification about new vulnerability. In the latest versions Back Duck Hub is also improved in remediation suggestions about vulnerability. Black Duck provide also good reports and you can customize it using restful API and direct access to a Report Database. What is more it is really easy to install, we use the docker compose version: just install Docker, download images and run a command to set up the environment or upgrade to a new version! Last but not least the technical support and customer care is really good.

改善してほしい点:

Black Duck HUB is a quite new product, despite it has very famous and consolidate ancestors like Protex. So some features can improve and better meet users needs, especially about reports and API. Also documentation can improve .

Emmanuel
アメリカのProject Manager, Technology
使用期間: 6~12か月
投稿経路

Excellent open source governance tool!

5.0 7 年前

良いポイント:

I love the speed and overall simplicity of the application. It does a good job of finding most open source packages and performs identification automatically. It is very useful to see where a component is being used across my organization, as well as see other factors beyond license risk like security and operational risk.

改善してほしい点:

The application is expensive due to the billing model that enforces a quota on amount of code scanned. This disincentivizes me to use the application when I would ordinarily want to scan as much of my code as possible due to its ease of use. It has fewer features when compared to Protex, but Black Duck is slowly resolving this.

Synopsysからの返信

7 年前

Thank you for your feedback, we love hearing from our customers. You are correct ¿ Hub features are continually improved and we hope you are staying up to date and enjoying the new features. We have been working hard to close the gap on feature differences, and most will be available in Hub by end of the year. Additionally, Hub has many features not available in Protex, including showing security vulnerabilities. If you haven¿t already checked it out, check out one of our favorite new features in this video (https://www.youtube.com/watch?v=_4v2WwVQs1I) ¿ Hub Detect!