• HOME
  • CATEGORIES

    • CATEGORIES

    • Browse All Categories
  • FOR VENDORS

    • FOR VENDORS

    • Log In to Vendor Portal
    • Get Started
  • REVIEWS

    • REVIEWS

    • Write a Review
    • Product Reviews
    • Vendor Directory
    • Product Comparisons
  • GARTNER PEER COMMUNITY™
  • GARTNER.COM
  • Community GuidelinesListing GuidelinesBrowse VendorsRules of EngagementFAQPrivacyTerms of Service
    ©2026 Gartner, Inc. and/or its affiliates.
    All rights reserved.
  • Categories

    • No categories available

      Browse All Categories

      Select a category to view markets

  • For Vendors

    • Log In to Vendor Portal 

    • Get Started 

  • Write a Review

Join / Sign In
  1. Home
  2. /
  3. Black Duck Software Composition Analysis
Logo of Black Duck Software Composition Analysis

Black Duck Software Composition Analysis

byBlack Duck
in
4.0
Market Presence: Application Security Testing, Software Supply Chain Security

Overview

Product Information on Black Duck Software Composition Analysis

Updated 15th April 2026

What is Black Duck Software Composition Analysis?

Black Duck Software Composition Analysis is a software supply chain security solution for managing security, license compliance and code quality risks that come from the use of open source in applications, containers, and any other software artifact or binary. Black Duck SCA gives you visibility into third-party dependencies using multiple discovery techniques to generate a complete and accurate software bill of materials (SBOM). And, for every dependency identified, conducts an evaluation for associated risk and guides prioritization and remediation efforts, enabling teams to manage risk introduced by their software supply chain.

Black Duck Software Composition Analysis Pricing

Annual contract based on team size and number of code bases analyzed by the product.

Overall experience with Black Duck Software Composition Analysis

VP, COMPLIANCE AND RISK MANAGEMENT
<50M USD, Services (non-Government)
FAVORABLE

“Best-in-class SCA tool with Flexible Policy Management”

5.0
Oct 13, 2025
This text serves as a placeholder and does not reflect the user’s review responses or opinions. This text serves as a placeholder and does not reflect the user’s review responses or opinions. This text serves as a placeholder and does not reflect the user’s review responses or opinions.
Manager, It Security And Risk Management
10B - 30B USD, Banking
CRITICAL

“Dated User Interface and Deployment Challenges Highlighted in Platform Feedback”

3.0
Jan 12, 2026
This text serves as a placeholder and does not reflect the user’s review responses or opinions. This text serves as a placeholder and does not reflect the user’s review responses or opinions. This text serves as a placeholder and does not reflect the user’s review responses or opinions.

About Company

Company Description

Updated 15th April 2026

Black Duck builds trust in software by enabling organizations to manage application security, quality, and compliance risks at the speed their business demands. Black Duck solutions help developers to secure code as fast as they write it, development and DevSecOps teams to automate testing within development pipelines without compromising velocity, and security teams to proactively manage risk and focus remediation efforts on what matters most. With Black Duck, organizations can transform the way they build and deliver software, aligning people, processes, and technology to intelligently address software risks across their portfolio and at all stages of the application lifecycle.

Company Details

Updated 15th April 2026
Year Founded
2002
Head office location
Burlington, United States
Number of employees
1001 - 5000
Website
https://blackduck.com

Do You Manage Peer Insights at Black Duck?

Access Vendor Portal to update and manage your profile.

Key Insights

A Snapshot of What Matters - Based on Validated User Reviews

Top Black Duck Software Composition Analysis Alternatives

Logo of Mend
1. Mend
4.2
(115 Ratings)
Logo of GitHub
2. GitHub
4.3
(21 Ratings)
Logo of GitLab
3. GitLab
4.3
(20 Ratings)
View All Alternatives

Peer Discussions

Black Duck Software Composition Analysis Reviews and Ratings

4.0

(13 Ratings)

Rating Distribution

5 Star
23%
4 Star
54%
3 Star
23%
2 Star
0%
1 Star
0%
Why ratings and reviews count differ?
  • Manager, It Security And Risk Management
    10B+ USD
    Banking
    Review Source

    Dated User Interface and Deployment Challenges Highlighted in Platform Feedback

    3.0
    Jan 12, 2026
    The design of the on-prem version of the platform is a bit dated. It required a considerable amount of the engineering effort to operate the platform.
  • Manager, It Security And Risk Management
    10B+ USD
    Banking
    Review Source

    Dated User Interface and Deployment Challenges Highlighted in Platform Feedback

    3.0
    Jan 12, 2026
    The design of the on-prem version of the platform is a bit dated. It required a considerable amount of the engineering effort to operate the platform.
  • Read All 13 Reviews

    Get unlimited access to verified peer reviews and insights

    Read unlimited Gartner-vetted product reviews
    View and share valuable product insights
    Download full product profiles
    Review products you use today

Recommended Gartner Insights

  • Magic Quadrant for Software Supply Chain Security
Powered by Google TranslateThis service may contain translations provided by Google. Google disclaims all warranties related to the translations, express or implied, including any warranties of accuracy, reliability, and any implied warranties of merchantability, fitness for a particular purpose and noninfringement. Gartner's use of this provider is for operational purposes and does not constitute an endorsement of its products or services.

Gartner Peer Insights content consists of the opinions of individual end users based on their own experiences, and should not be construed as statements of fact, nor do they represent the views of Gartner or its affiliates. Gartner does not endorse any vendor, product or service depicted in this content nor makes any warranties, expressed or implied, with respect to this content, about its accuracy or completeness, including any warranties of merchantability or fitness for a particular purpose.

This site is protected by hCaptcha and its Privacy Policy and Terms of Use apply.


Software reviews and ratings for EMMS, BI, CRM, MDM, analytics, security and other platforms - Peer Insights by Gartner
Community GuidelinesListing GuidelinesBrowse VendorsRules of EngagementFAQsPrivacyTerms of Use

©2026 Gartner, Inc. and/or its affiliates.

All rights reserved.

Black Duck Software Composition Analysis Likes & Dislikes

Like

The combination of high security and license compliance capabilities with flexible policies makes BlackDuck Software Composition Analysis the perfect tool for companies that wish to manage Open Source at a high level. There is no need for any additional complementary tools to manage Open Source.

Like

The combination of high security and license compliance capabilities with flexible policies makes BlackDuck Software Composition Analysis the perfect tool for companies that wish to manage Open Source at a high level. There is no need for any additional complementary tools to manage Open Source.

Like

The combination of high security and license compliance capabilities with flexible policies makes BlackDuck Software Composition Analysis the perfect tool for companies that wish to manage Open Source at a high level. There is no need for any additional complementary tools to manage Open Source.

Dislike

1. The UX is a bit dated and not the most intuitive to use. 2. Deployment is hard to manage. HA requires two full stack deployments. Also, the product is only released quarterly, hence a lot of vulnerabilities in the product itself can't be patched in a timely manner. 3. Tend to have many bugs in every version.

Dislike

1. The UX is a bit dated and not the most intuitive to use. 2. Deployment is hard to manage. HA requires two full stack deployments. Also, the product is only released quarterly, hence a lot of vulnerabilities in the product itself can't be patched in a timely manner. 3. Tend to have many bugs in every version.

Dislike

1. The UX is a bit dated and not the most intuitive to use. 2. Deployment is hard to manage. HA requires two full stack deployments. Also, the product is only released quarterly, hence a lot of vulnerabilities in the product itself can't be patched in a timely manner. 3. Tend to have many bugs in every version.

Performance of Black Duck Software Composition Analysis Across Market Features
Reviewer Insights for: Black Duck Software Composition Analysis