Overview
Product Information on Black Duck Software Composition Analysis
Updated 15th April 2026
What is Black Duck Software Composition Analysis?
Black Duck Software Composition Analysis Pricing
Overall experience with Black Duck Software Composition Analysis
VP, COMPLIANCE AND RISK MANAGEMENT
<50M USD, Services (non-Government)FAVORABLE
“Best-in-class SCA tool with Flexible Policy Management”
Best in class Software Composition Analysis tool. Wide language support. Open Source components identification using various scanners, including binary analysis and a rich knowledgebase.
Manager, It Security And Risk Management
10B - 30B USD, BankingCRITICAL
“Dated User Interface and Deployment Challenges Highlighted in Platform Feedback”
The design of the on-prem version of the platform is a bit dated. It required a considerable amount of the engineering effort to operate the platform.
About Company
Company Description
Black Duck builds trust in software by enabling organizations to manage application security, quality, and compliance risks at the speed their business demands. Black Duck solutions help developers to secure code as fast as they write it, development and DevSecOps teams to automate testing within development pipelines without compromising velocity, and security teams to proactively manage risk and focus remediation efforts on what matters most. With Black Duck, organizations can transform the way they build and deliver software, aligning people, processes, and technology to intelligently address software risks across their portfolio and at all stages of the application lifecycle.
Company Details
Year Founded
2002
Head office location
Burlington, United States
Number of employees
1001 - 5000
Website
Do You Manage Peer Insights at Black Duck?
Access Vendor Portal to update and manage your profile.
Key Insights
A Snapshot of What Matters - Based on Validated User Reviews
Top Black Duck Software Composition Analysis Alternatives
Peer Discussions
Black Duck Software Composition Analysis Reviews and Ratings
Filter Reviews
Sort By:
Most helpful
Last 12 Months
Star Rating
Reviewer Type
Reviewer's Company Size
Reviewer's Industry
Reviewer's Region
Reviewer's Job Function
- Manager, It Security And Risk Management10B+ USDBankingReview Source
Dated User Interface and Deployment Challenges Highlighted in Platform Feedback
The design of the on-prem version of the platform is a bit dated. It required a considerable amount of the engineering effort to operate the platform. - VP, COMPLIANCE AND RISK MANAGEMENT<50M USDServices (non-Government)Review Source
Best-in-class SCA tool with Flexible Policy Management
Best in class Software Composition Analysis tool. Wide language support. Open Source components identification using various scanners, including binary analysis and a rich knowledgebase. - ASSOCIATE SOFTWARE DEVELOPMENT ENGINEER1B-10B USDHardwareReview Source
Great tool for functionally safe projects
Recently started using Blackduck SCA and it's been great using it for identifying potential threats and potential data threats - PRINCIPAL SECURITY ENGINEER50M-1B USDMiscellaneousReview Source
Great for tracking OSS in use and generating SBOM
Black Duck provides a critical service for us with Open Source Software we use. As long as this product has been around, it is still not ideal to be used at Enterprise level. It is not a product easy to scale out and does not support any type of load balancing. - CYBER SECURITY50M-1B USDBankingReview Source
Black Duck helps us to find vulnerabilities in our application
Black Duck helps us find vulnerabilities in our application by categories into 3 components. 1. Security risk in library 2. Library licensing agreement 3. Operation risk in library Which is really strange forward and easy for developer to understand and flexible for fixing. Black duck has ability to go through every part in the code to scan for vulnerabilities and show specific dependency.
Showing Result 1-5 of 13
Recommended Gartner Insights
This service may contain translations provided by Google. Google disclaims all warranties related to the translations, express or implied, including any warranties of accuracy, reliability, and any implied warranties of merchantability, fitness for a particular purpose and noninfringement. Gartner's use of this provider is for operational purposes and does not constitute an endorsement of its products or services.
