23 Integrations with Black Duck
View a list of Black Duck integrations and software that integrates with Black Duck below. Compare the best Black Duck integrations as well as features, ratings, user reviews, and pricing of software that integrates with Black Duck. Here are the current Black Duck integrations in 2026:
-
1
Jira Service Management
Atlassian
Jira Service Management (formerly Jira Service Desk) empowers Dev and Ops teams to collaborate at high-velocity, so they can respond to business changes and deliver great customer and employee service experiences fast. Tune Jira Service Management to meet your unique needs. Empower every team, from IT to HR to legal, to set up a service desk quickly and continuously adapt at scale. Deliver great service experiences fast - without the complexity of traditional ITSM solutions. Track work across the enterprise through an open, collaborative platform. Link issues across Jira and ingest data from other software development tools, so your IT support and operations teams have richer contextual information to rapidly respond to requests, incidents, and changes. Deliver more customer impact while managing risk. Accelerate critical development work, eliminate toil, and deploy changes with ease, with a complete audit trail for every change.Starting Price: $20 per user per month -
2
Java
Oracle
The Java™ Programming Language is a general-purpose, concurrent, strongly typed, class-based object-oriented language. It is normally compiled to the bytecode instruction set and binary format defined in the Java Virtual Machine Specification. In the Java programming language, all source code is first written in plain text files ending with the .java extension. Those source files are then compiled into .class files by the javac compiler. A .class file does not contain code that is native to your processor; it instead contains bytecodes — the machine language of the Java Virtual Machine1 (Java VM). The java launcher tool then runs your application with an instance of the Java Virtual Machine.Starting Price: Free -
3
NorthStar Navigator
NorthStar.io, Inc.
NorthStar is redefining Risk-Based Vulnerability Management with simple, contextual vulnerability prioritization for easier remediation. Common challenges NorthStar addresses are listed below: • Prioritize issues that should be addressed first in order to make the best use of limited resources. • Address lingering exposures that could impact critical business services, applications, and data stores. • Bridge the visibility gap and discrepancies that exist between vulnerability assessment and patch management. • Track reduction in risk over time and validate the most important issues are being addressed first. • Deliver a complete view of their environment – all assets, vulnerabilities and exposures. • Eliminate manual processes and unnecessary spreadsheet work.Starting Price: $8 per device -
4
Vulcan Cyber
Vulcan Cyber
At Vulcan Cyber we’re changing the way businesses reduce cyber risk through vulnerability remediation orchestration. We help IT security teams go beyond remedial vulnerability management to help them drive vulnerability remediation outcomes. The Vulcan platform consolidates vulnerability and asset data, with threat intelligence and customizable risk parameters to deliver risk-based vulnerability prioritization insights. But we don't stop there. Vulcan remediation intelligence takes the vulnerabilities that matter to your business and attaches the remedies and fixes needed to mitigate the threat. Then Vulcan orchestrates and measures the rest of the remediation process with integrations and inputs into application security, DevSecOps, patch management, configuration management, and cloud security tools, teams and functions. From scan to fix, Vulcan Cyber delivers the unique ability to orchestrate the entire vulnerability remediation process to GET FIX DONE at scale.Starting Price: $999 / month -
5
ThreadFix
Denim Group
ThreadFix 3.0 provides a comprehensive view of your risk from applications and their supporting infrastructure. Skip the spreadsheets and PDFs forever. From Application Security Managers to CISOs, ThreadFix helps increase efficiency across teams and provides powerful reporting to upper management. Explore the powerful benefits of ThreadFix, the industry leading application vulnerability management platform. Automatically consolidate, de-duplicate, and correlate vulnerabilities in applications to the infrastructure assets that support them using results from commercial and open source application and network scanning tools. Knowing which vulnerabilities exist is important, but it’s just a start. With ThreadFix, you will quickly spot vulnerability trends and make smart remediation decisions based on data in a centralized view. When vulnerabilities are discovered, it can be tough to go back and fix them.Starting Price: $2000 per month -
6
Logilica
Logilica
Logilica is the software engineering intelligence platform for fast moving software development teams. Fusing DevOps and Git analytics Logilica enables software leaders with distributed teams to deliver faster, more predictably. One-click connectors and APIs to your existing platform tools to ingest engineering data without moving a finger or filling in a spreadsheet. Prebuilt reports and analytics for humans. Track and optimize your investment effort, risks, and delivery speed. Effortlessly, automatically. Benefit from our open ELT data pipeline to ingest your own data, define your own metrics and dashboards, and create custom insights in minutes. See predicted delays, where to unblock processes, and how to improve delivery flow.Starting Price: $33/user/month -
7
Phoenix Security
Phoenix Security
Phoenix Security enables security, developers, and businesses to all talk the same language. We help security professionals focus on the vulnerabilities that matter most across cloud, infrastructure, and application security. Laser focuses on the 10% of vulnerabilities that matter today, and reduces risk faster with prioritized contextualized vulnerabilities. Threat intelligence automatically in the risk improves efficiency enabling fast reaction. Threat intelligence automatically in the risk improves efficiency enabling fast reaction. Aggregate, correlate and contextualize multiple security tools and data sources, providing your business with unprecedented visibility. Break down the silos between application security, operational security, and the business.Starting Price: $3,782.98 per month -
8
Gradle
Gradle
Gradle Inc. is the company behind the leading software solution for improving developer productivity and happiness called Develocity (formerly Gradle Enterprise) and the popular open-source Gradle Build Tool, which is downloaded over 30 million times a month. Gradle is also pioneering the emerging practice of Developer Productivity Engineering (DPE). Elite development teams from companies like Airbnb, LinkedIn, Microsoft, Nasdaq, and Netflix, practice DPE to deliver quality software more rapidly at scale. They achieve this by leveraging Develocity’s innovative build and test performance acceleration technologies and analytics to proactively improve the reliability of the developer toolchain and make failure troubleshooting more efficient. -
9
OpenText Static Application Security Testing (SAST) identifies and remediates security vulnerabilities in source code early in the software development lifecycle. It supports extensive language coverage and integrates seamlessly with popular CI/CD tools such as Jenkins, Azure DevOps, Jira, and Visual Studio. The platform uses advanced static code analysis and AI-driven insights to prioritize risks and reduce false positives, enabling developers to focus on fixing critical vulnerabilities efficiently. With its customizable code analysis and rule sets, it helps reduce development time by catching issues early. OpenText SAST complies with industry standards like OWASP and offers flexible deployment options including SaaS, private cloud, and on-premises. This comprehensive approach enhances application security without sacrificing development speed or accuracy.
-
10
C#
Microsoft
C# (also known as C Sharp, pronounced "See Sharp") is a modern, object-oriented, and type-safe programming language. C# enables developers to build many types of secure and robust applications that run in .NET. C# has its roots in the C family of languages and will be immediately familiar to C, C++, Java, and JavaScript programmers. This tour provides an overview of the major components of the language in C# 8 and earlier. C# is an object-oriented, component-oriented programming language. C# provides language constructs to directly support these concepts, making C# a natural language in which to create and use software components. Since its origin, C# has added features to support new workloads and emerging software design practices. At its core, C# is an object-oriented language. You define types and their behavior.Starting Price: Free -
11
Kondukto
Kondukto
The Kondukto platform’s flexible design allows you to create custom workflows for responding to risks quickly and efficiently. Take advantage of more than 25 built-in open-source tools ready to run SAST, DAST, SCA, and Container Image scans within minutes without a need for installation, maintenance, or updates. Protect your corporate memory from changes in employees, scanners, or DevOps tools. All security data, statistics, and activities in one place for you to own. Avoid vendor lock or loss of historical data when you need to change an AppSec tool. Verify fixes automatically to ensure better collaboration and less distraction. Boost efficiency by eliminating redundant conversations between AppSec and development teams.Starting Price: $12,000 per annually -
12
Coverity Static Analysis
Black Duck
Coverity Static Analysis is a comprehensive code scanning solution that enables developers and security teams to deliver high-quality software in compliance with security, functional safety, and industry standards. It effectively uncovers complex defects across extensive codebases, identifying and resolving code quality and security issues that span multiple files and libraries. Coverity supports compliance with a wide range of standards, including OWASP Top 10, CWE Top 25, MISRA, and CERT C/C++/Java, providing built-in reports to track and prioritize issues. With the Code Sight™ IDE plugin, developers receive real-time results, including CWE information and remediation guidance, directly within their development environment, facilitating the integration of security into the software development life cycle without compromising developer velocity. -
13
Digital.ai Release
Digital.ai
Digital.ai Release (formerly XebiaLabs XL Release) is a release management tool specifically for CD. It enables teams across an organization to model & monitor releases, automate tasks within IT infrastructure, and cut release times by analyzing and improving release processes. Automate, orchestrate and get visibility into your release pipelines – at enterprise scale. Manage the most advanced release pipelines with ease. Plan, automate, and analyze the entire software release pipeline. Control and optimize software delivery. Always know the status of automated and manual steps across the release pipeline. Identify bottlenecks, reduce errors, and lower the risk of release failures. Monitor your entire release pipeline to get a clear view and up-to-date status information across tools and systems, from code to production. Customize dashboards to highlight the most important information for each release. -
14
Apache Maven
The Apache Software Foundation
Apache Maven is a software project management and comprehension tool. Based on the concept of a project object model (POM), Maven can manage a project's build, reporting and documentation from a central piece of information. If you think that Maven could help your project, you can find out more information in the "About Maven" section of the navigation. This includes an in-depth description of what Maven is and a list of some of its main features. If the problem has not been reported before, the recommended way to get help is to subscribe to the Maven Users Mailing list. Many other users and Maven developers will answer your questions there, and the answer will be archived for others in the future. -
15
Rezilion
Rezilion
Automatically detect, prioritize and remediate software vulnerabilities with Rezilion’s Dynamic SBOM. Focus on what matters, eliminate risk quickly, and free up time to build. In a world where time is of the essence, why sacrifice security for speed when you can have both? Rezilion is a software attack surface management platform that automatically secures the software you deliver to customers, giving teams time back to build. Rezilion is different from other security tools that create more remediation work. Rezilion reduces your vulnerability backlogs. It works across your stack, helping you to know what software is in your environment, what is vulnerable, and what is actually exploitable, so you can focus on what matters and remediate automatically. Create an instant inventory of all of the software components in your environment. Know which of your software vulnerabilities are exploitable, and which are not, through runtime analysis. -
16
C++
C++
C++ is a simple and clear language in its expressions. It is true that a piece of code written with C++ may be seen by a stranger of programming a bit more cryptic than some other languages due to the intensive use of special characters ({}[]*&!|...), but once one knows the meaning of such characters it can be even more schematic and clear than other languages that rely more on English words. Also, the simplification of the input/output interface of C++ in comparison to C and the incorporation of the standard template library in the language, makes the communication and manipulation of data in a program written in C++ as simple as in other languages, without losing the power it offers. It is a programming model that treats programming from a perspective where each component is considered an object, with its own properties and methods, replacing or complementing structured programming paradigm, where the focus was on procedures and parameters.Starting Price: Free -
17
Tromzo
Tromzo
Tromzo builds deep environmental and organizational context from code to cloud so you can accelerate the remediation of critical risks across the software supply chain. Tromzo accelerates the remediation of risks at every layer from code to cloud. We do this by building a prioritized risk view of the entire software supply chain with context from code to cloud. This context helps our users understand which few assets are critical to the business, prevent risks from being introduced to those critical assets, and automate the remediation lifecycle of the few issues that truly matter. Contextual software asset inventory (code repos, software dependencies, SBOMs, containers, microservices, etc.), so you know what you have, who owns them, and which ones are important to the business. Understand the security posture for every team with SLA compliance, MTTR, and other custom KPIs, so you can drive risk remediation and accountability across the organization. -
18
Maverix
Maverix
Maverix blends itself into the existing DevOps process, brings all required integrations with software engineering and application security tools, and manages the application security testing process end to end. AI-based automation for security issues management including detection, grouping, prioritization, filtration, synchronization, control of fixes, and support of mitigation rules. Best-in-class DevSecOps data warehouse for full visibility into application security improvements over time and team efficiency. Security issues can be easily tracked, triaged, and prioritized – all from a single user interface for the security team, with integrations to third-party products. Gain full visibility into application production readiness and application security improvements over time. -
19
Longbow
Longbow
Longbow automates the analysis and correlation of issues from Application Security Testing (AST) tools, closing the gap between security teams and remediation teams and providing the best next actions to reduce the most risk with the least amount of investment. Longbow stands at the forefront of automatically analyzing and prioritizing security issues and remediation, from AST tools to VM, CNAPP tools, and more. Our product excels in identifying and addressing the root causes of security issues, offering tailored remediation solutions that can be immediately actioned. This capability is crucial in an industry inundated with disparate vendor ecosystems and a lack of clear direction for addressing security concerns. Our product is designed to empower security, application, and DevOps teams, enabling them to efficiently mitigate risks at scale. We seamlessly integrate, normalize, and unify cross-service contexts across all of your cloud security tools. -
20
Black Duck's Mobile Application Security Testing (MAST) service offers on-demand assessments designed to address the unique security risks of mobile applications. It enables detailed analysis of client-side code, server-side code, and third-party libraries, identifying vulnerabilities even without requiring access to source code. Combining proprietary static and dynamic analysis tools, MAST provides two levels of testing depth: Standard, which integrates automated and manual analysis to detect vulnerabilities in application binaries, and Comprehensive, which adds extended manual testing to uncover issues in both mobile application binaries and their server-side functionalities. This flexible and thorough approach helps organizations reduce the risk of breaches and ensure the security of their mobile application ecosystems.
-
21
BlueFlag Security
BlueFlag Security
BlueFlag Security provides multi-layer defense, protecting developer identities and their tools throughout the software development lifecycle (SDLC). Don't let uncontrolled developer and machine identities become the Achilles' heel of your software supply chain. Weaknesses in these identities create a backdoor for attackers. BlueFlag seamlessly integrates identity security across the SDLC safeguarding your code, tools, and infrastructure. BlueFlag automates the rightsizing of permissions for developer and machine identities, enforcing the principle of least privilege throughout the dev environment. BlueFlag enforces strong identity hygiene by deactivating off-boarded users, managing personal access tokens, and restricting direct access to developer tools and repositories. BlueFlag's ensures early detection and prevention of insider threats and unauthorized privileged escalation by continuously monitoring behavior patterns across the CI/CD. -
22
Bizzy
Cyberwise
Detecting potential vulnerabilities, aggregating, enriching, and prioritizing them, and taking rapid action is critical in today's world to enhance our resilience against cyber threats. This capability should also be continuous. Bizzy platform reinforces cyber security resilience through prioritization, automation, Big Data analytics, machine learning, and vulnerability management capabilities, enabling continuous, rapid, and precise actions. Today, in order to increase our resilience against cyber attacks, we are able to be informed quickly about the vulnerabilities, bringing them together, It is important that we have the ability to relate and take quick action. carries. This ability should also carry continuity. Bizzy platform with prioritization, automation, and Big Data analysis is continuous, fast, and accurate actionable vulnerability management features It contributes to increasing the security resilience. -
23
C
C
C is a programming language created in 1972 which remains very important and widely used today. C is a general-purpose, imperative, procedural language. The C language can be used to develop a wide variety of different software and applications including operating systems, software applications, code compilers, databases, and more.
- Previous
- You're on page 1
- Next
