Overview
Product Information on Software Risk Manager
What is Software Risk Manager?
Software Risk Manager Pricing
Software Risk Manager Product Images
Overall experience with Software Risk Manager
“SRM Shines: All Findings Consolidated, No More Tool Hopping”
About Company
Company Description
Black Duck builds trust in software by enabling organizations to manage application security, quality, and compliance risks at the speed their business demands. Black Duck solutions help developers to secure code as fast as they write it; development and DevSecOps teams to automate testing within development pipelines without compromising velocity; and security teams to proactively manage risk and focus remediation efforts on what matters most. With Black Duck, organizations can transform the way they build and deliver software, aligning people, processes, and technology to intelligently address software risks across their portfolio and at all stages of the application lifecycle.
Company Details
Do You Manage Peer Insights at Black Duck?
Access Vendor Portal to update and manage your profile.
Key Insights
A Snapshot of What Matters - Based on Validated User Reviews
Reviewer Insights for: Software Risk Manager
Performance of Software Risk Manager Across Market Features
Software Risk Manager Likes & Dislikes
Having all the findings in one place is certainly a plus, instead of visiting multiple tools, we just visit SRM
UI
They have a strong platform, the AppSec tools drastically reduce the time spent upon vulnerability identification and managing them effectively. It is a one-stop solution for security and development.
If you triage findings in SRM it is not reflected on the tools server, so you can have inconsistent data across all your tools
It does not have unified dashboard
I personally find it difficult to use, but the features and support are good. The correlation rules can be made more flexible.
Top Software Risk Manager Alternatives
Peer Discussions
Software Risk Manager Reviews and Ratings
- IT SECURITY & RISK MANAGEMENT ASSOCIATE50M-1B USDBankingReview Source
SRM Shines: All Findings Consolidated, No More Tool Hopping
UI is simple enough to navigate that makes the tool user friendly - SR. ENGINEER50M-1B USDIT ServicesReview Source
CodeDx Review for TCL
It has good UI, user friendly and many more customizations - SOFTWARE ENGINEER50M-1B USDRetailReview Source
One stop solution for security testing and managing compliance
Code Dx specializes in managing software risk and deploying clean builds on repositories. They do the vulnerability management part along with ensuring production-level code. - DIRECTOR1B-10B USDIT ServicesReview Source
Synopsys helps to ensure the security of our application development.
Overall experiences are excellent. Service/support is typically excellent. The "code contributor" model continues to be a thorn. - Software Engineering Manager50M-1B USDMiscellaneousReview Source
CodeDx enables user\developer to fix the reported critical issues instantly
CodeDx is a interesting feature from Synopsys to support Synopsys products like Coverity, BlackDuck, Defensics and other tools output to prioritize the defects and orchestrate the same for fixing the critical issues for their timely delivery. In static analysis tool, perform code analysis for various coding standard like MISRA\CERT\AUTOSAR\CWE based checkers will lead to reporting more issues. So CodeDX will help us to prioritize the issues based on their vulnerabilities and assist project team to fix the critical issues instantly. Its very easy to integrate different tools like SAST, SCA, UT and other tools in the CodeDX and perform the analysis for the given test results instantly. Integration and execution is bit faster and scan the various test results automatically. Bulk triaging support is available, but it will not reflect the same in the Coverity server at the moment