Black Duck Recognized as a Leader in Software Composition Analysis by Independent Research Firm

News provided by

Nov 13, 2024, 10:34 ET

Black Duck receives highest possible scores in nine of the 25 criteria and second highest score overall in the current offering category.

BURLINGTON, Mass., Nov. 13, 2024 /PRNewswire/ -- Black Duck^® Software, Inc. ("Black Duck") today announced it has been recognized as a leader in The Forrester Wave™: Software Composition Analysis, Q4 2024. The report identifies the 10 most significant vendors in the software composition analysis (SCA) market and evaluates them against 25 criteria grouped into two high-level categories: current offering and strategy. Black Duck SCA received the highest possible scores in nine of the 25 criteria and the second-highest score overall in the current offering category.

The report states: "An astonishing 77% of codebases are comprised of open-source software, which means a considerable amount of an application's risk is due to third-party sources. Application security and development leaders depend on SCA tools for insight into the security risks and licensing concerns associated with open-source and third-party libraries. SCA providers stand out by not only efficiently identifying and addressing security and license risks but also embracing use cases related to the software supply chain."

Within the current offering category, Black Duck received the highest possible scores in the following criteria:

Component Identification & Analysis
License detection, analysis, & guidance
Risk intelligence
SBOM generation, export, and sharing
SBOM ingestion and analysis
Policy management
Language support

Within the strategy category, Black Duck received the highest possible scores in the following criteria:

Innovation
Supporting services and offerings

According to the report, "Black Duck Software offers exceptional open-source, third-party, and closed-source component and snippet analysis for vulnerability, license, and copyright detection. SBOM management, generation, export, ingestion, and analysis capabilities are among the best in this evaluation. Policy management is a strength, with more than 40 criteria for operational health, license risk, and security risk."

"We're proud to be recognized by Forrester as a leader in this evaluation just six weeks after launching Black Duck as an independent company," said Jason Schmitt, CEO of Black Duck. "Identifying and managing risk in open source software components and the broader software supply chain is a critical part of building trust in your software. As a pioneer in software composition analysis with highly differentiated technology and an open-source database that has been developed and enhanced over several decades, Black Duck SCA is uniquely positioned to help organizations across all industries secure their software supply chains."

Download a complimentary copy of The Forrester Wave™: Software Composition Analysis, Q4 2024.

About Black Duck
Black Duck^®, formerly known as the Synopsys Software Integrity Group, offers the most comprehensive, powerful, and trusted portfolio of application security solutions in the industry. We have an unmatched track record of helping organizations around the world secure their software quickly, integrate security efficiently in their development environments, and safely innovate with new technologies. As the recognized leaders, experts, and innovators in software security, Black Duck has everything you need to build trust in your software. Learn more at www.blackduck.com.

SOURCE Black Duck Software