Mitigate Open Source Risks with License Compliance and Policy Requirements

Black Duck Hub is now the premier platform for open source security and compliance.

Black Duck Automates Open Source Compliance

Protex™, Black Duck’s original solution for managing open source license compliance, integrates with existing development tools to automatically scan, identify, and inventory open source software.

Protex™ has allowed organizations to better understand open source license obligations, conflicts and risks. This has enabled companies worldwide to mitigate open source risks through license compliance enforcement and corporate policy requirements.

While Protex™ long maintained its position as the industry’s leading solution for open source license compliance, Black Duck’s newest offering, Black Duck Hub, is now the premier platform for open source security and compliance.

Are you in control of your open source?

Black Duck helps you reduce business risks and complete software projects on time and on budget.

  • Scan software contents
  • Inventory open source
  • Identify potential license risks
  • Streamline open source audits

Black Duck Hub vs. Protex™

Black Duck Hub is the leading platform for automated license compliance and open source security. Black Duck Hub helps security and development teams identify and mitigate open source-related risks across their application portfolio, while incorporating the functionality of Protex license compliance.

  • With Protex, it’s much easier to confirm where unintended open source is used in our products, and we’ve significantly reduced the risks of license violations.

    - Nobuko Hattori, Chief Engineer Software Strategy, Olympus

Key Features of Black Duck Hub

  • Policy Management: Set policies for open source projects, license types, and vulnerability tolerance. Quickly identify policy violations and manage exceptions by project and component.
  • DevOps Integrations: The Hub Detect open source discovery client makes it easy to integrate Black Duck Hub into your existing development tools and processes.
  • Customizable Bill of Materials: Maintain code visibility with an editable open source BOM, combining results from automated scanning, build-tool and package-manager manifests, and manual entries.
  • Automatic Vulnerability Mapping/Alerts: Identify known vulnerabilities associated with the open source in your applications and get alerts when new vulnerabilities that affect you are reported.
  • Enhanced Vuln Data: Black Duck Hub provides detailed insight into your application security risk posture with risk-ranked severity metrics and enhanced vulnerability data from the Black Duck KnowledgeBase.
  • Remediation Tracking: Track planned and actual vulnerability remediation progress within individual projects. Leverage Black Duck’s bi-directional Jira integration, or easily import remediation reports into third-party tools via a CSV export feature.
  • Risk Dashboards and Reports: Analyze risks within and across projects with easy-to-understand security, license, community activity risk, and remediation progress dashboards and reports.