Open Source Analysis

Over the last 5 – 10 years the nature of software development has changed. With the continual drive to shorter time to market development teams no longer have the time to write all code from scratch and so are using best in class open source modules and libraries helps to shorten development times.

With the rising use of open source software comes an increased risk of introducing security vulnerabilities or violating the terms of the license agreements. Open source analysis can provide project teams with important information on their use of open source software allowing them to remediate any issues before products are released.

Black Duck Software provide best in class tools that will analyse your code base and report security vulnerability issues based on information from both the National Vulnerability Database and the more comprehensive VulnDB.  The reporting tool will highlight whether newer versions of a component exist or whether the open source licenses being used within a project conflict with each other or with the stated license of the product. More details…