Franklin D.

1 year ago

Verified

Pretty good at finding vulnerabilities; workflow to keep track of mitigations is hopeless

We are able to anticipate the issues that our customers will find in our software when they scan it with Black Duck, before we ship to them. Thus, we can mitigate problems before they go out the door.

Ramani S.

1 year ago

Verified

So far my experience with Black Duck is great. I have seen almost positive response pretty much.

I like BD Hub when compared to Protex and CodeCenter. It's easy to handle and all in one place rather than 2 legs at 2 different places. I have seen little issue with the GUI provided along with Hub, but it's manageable. The integration with Hub was easy, along with Jenkins, Coverity, Jira and other tools. If BD Hub is properly integrated with Jenkins, then Operational/Vulnerability/License issues can be identified much earlier rather than later. The current Hub version looks easy in terms of installation, as one bundle instead of a few different add-ons as before. I had little issues during installation because of the prerequisite stuff with Linux lsb, since it had multiple dependencies; otherwise it was easy to breeze through. Overall, my experience is good so far.

Marco I.

1 year ago

Verified

Using Black Duck HUB for Open Source Governance in software projects.

We are working on improving Open Source Culture in our Company and Customers: Black Duck HUB is a very good tool for awareness about legal, security and operational risks in using Open Source Components.

Benjamin P.

1 year ago

Verified

Black Duck does not provide integration with Eclipse (or other IDE)

We have installed Black Duck hub and integrated with Bamboo. This is good for our pipeline workflow and subsequent analysis of findings.

Emmanuel C.

2 years ago

Verified

Excellent open source governance tool!

I love the speed and overall simplicity of the application. It does a good job of finding most open source packages and performs identification automatically. It is very useful to see where a component is being used across my organization, as well as see other factors beyond license risk like security and operational risk.