G2 Crowd builds the world's largest business commerce platform fueled by $100M in funding 🚀

Black Duck Hub

3.6
(11)

Organizations worldwide use Black Duck to secure and manage the open source software in their applications and containers.

Work for Black Duck Hub?

Learning about Black Duck Hub?

We can help you find the solution that fits you best.

Black Duck Hub Reviews

Ask Black Duck Hub a Question
Write a Review
Filter Reviews
Filter Reviews
  • Ratings
  • Company Size
  • User Role
  • Industry
Ratings
Company Size
User Role
Industry
Showing 11 Black Duck Hub reviews
LinkedIn Connections
Black Duck Hub review by rajiv a.
rajiv a.
Validated Reviewer
Verified Current User
Review Source

"Black Duck is the way to go for your open source code management "

What do you like best?

The ease of identifying and managing the open source code and as well examining the source code for vulnerabilities and specifically the hidden security vulnerabilities is amazing. This is the product that every organization should look out to manage the source code for identifying quickly about vulnerabilities, open source code license management which can be lethal if ignored. Easily integrates with your current CI engines and sets the pace for your time to market.

The Web UI is well built, easy to navigate and makes the experience so easy to handle the product.

Easy docker based hub installation.

What do you dislike?

The product is really amazing already. Hub knowledge bases are huge and growing day by day. Suggest black duck to update the KBs quickly. And may be a web link shared to all the customers, who can post about the new open source bundle to fasten the on boarding of the new item. Black Duck is a duckling and is growing fast.

What business problems are you solving with the product? What benefits have you realized?

Ease in identifying the security exposures and hidden vulnerabilities created by open source components.

Time to market is faster for identifying the vulnerabilities early during the development stage.

open source license management becomes so easy now.

Sign in to G2 Crowd to see what your connections have to say about Black Duck Hub
Black Duck Hub review by Franklin D.
Franklin D.
Validated Reviewer
Verified Current User
Review Source

"Fast scanning, good ID of open source vulnerabilities, but workflow is lacking"

What do you like best?

The Hub product is very fast at scanning our software. The Knowledge Base has improved so it is correctly identifying open source components most of the time. The UI is fast and nice looking.

What do you dislike?

Still too many incorrect identifications. There is no support for a workflow to manage mitigations of vulnerabilities in a particular component in one version of a project, then apply those comments and actions to future versions, or to the same component in other projects. It doesn't keep history of changes (updates to component matches, or mitigations), doesn't allow rolling back changes in a consistent way. The flow in the UI is very inefficient -- often way too many clicks to get to related information, hard to discover many of those pages. Then when you go back it loses the originally selected item, so you have to remember it, possibly scroll to the bottom and click to advance to the right page, and find the item.

What business problems are you solving with the product? What benefits have you realized?

We have customers who scan our software with Black Duck. Having it inhouse enables us to find reported vulnerabilities in our software before we ship it, or to find out about newly discovered vulnerabilities in our existing code before customers do, so we can fix things before they ship, or be ready with information for customers.

What Static Code Analysis solution do you use?

Thanks for letting us know!
Black Duck Hub review by Emmanuel C.
Emmanuel C.
Validated Reviewer
Verified Current User
Review Source

"Essential!"

What do you like best?

Black Duck has a long history of being the industry leader in open source scanning. Their new Black Duck Hub product is a refreshingly easy to use product that meets the majority of our needs and allows us to proceed with confidence that we are accurately accounting for our open source use.

What do you dislike?

While the product does meet the majority of our needs, it doesn't meet every need. However, Black Duck is very responsive and receptive to feature requests. I also dislike the usage-based billing. The product is so easy to use that I want to scan more of my code more frequently, but the usage-based billing puts me at odds with that desire.

What business problems are you solving with the product? What benefits have you realized?

This allows us to generate an inventory of all open source we are including in our products and thus mitigate our legal risk and protect our intellectual property.

Black Duck Hub review by Haresh S.
Haresh S.
Validated Reviewer
Review Source

"Quality open source detection"

What do you like best?

It has a big knowledge base and when we started using it first for our new project to provide enhanced and ensured security ,we were able to understand them quite easier,thanks to the intuitive design and user friendly approach of design and layout they have enforced and most importantly open source detection on all cross platform browsers and dependency information for different languages like c++ and java

What do you dislike?

Devops integration is a time consuming process and we had to wait for a day to get them completed and got to track the complete progress and also to enforce them in IDE,build CI tools and container deployment platforms all the time and time reactive dynamic features for code snippets are a a hassle

Recommendations to others considering the product

Easy to use,understand the comprehensive data storage knowledge warehouse repository base

What business problems are you solving with the product? What benefits have you realized?

It helps in code security audits,code quality analysis, and encryption audits which are out of our scope and saves us a lot of time in understanding the requirement documents and saves a lot of dollars for the client and the vendor in a way

Black Duck Hub review by Britanny C.
Britanny C.
Validated Reviewer
Review Source

"Waste of money"

What do you like best?

The premise of the software is nice, but they did not deliver.

What do you dislike?

Missed key open source licensing issues and locked us into a 2-year contract. Expensive with no benefit since we ended up needing to check all the open source code we had personally. If we hadn't we could have faced significant licensing issues. Not a legally sound solution for open source licensing management.

Recommendations to others considering the product

Don't get locked into a contract, better yet don't sign up at all

What business problems are you solving with the product? What benefits have you realized?

Attempted to use BlackDuck for open source licensing management and, considering even a quick check found issues, realized it was a complete waste of money.

Black Duck Hub review by Frank F.
Frank F.
Validated Reviewer
Verified Current User
Review Source

"Black Duck Hub"

What do you like best?

Deployment was not too difficult, site works well, customer support is responsive. The Hub supports mixed LDAP/interal db authentication.

What do you dislike?

Some of the features we were interested in are still under development, due to be release later in the year.

Black Duck moved to a docker type of installation right after I deployed the solution. It would have been nice to have been given a heads up on this, I would have delayed a bit.

What business problems are you solving with the product? What benefits have you realized?

Open source licensing, security an operational risk analysis.

Black Duck Hub review by Consultant
Consultant
Validated Reviewer
Review Source

"Seems over-complicated"

What do you like best?

The quick response from the team to know if we can add it or if is already approved

What do you dislike?

There are so many different pages/screens where you have to enter information-I felt it could be consolidated-Also, it was like using DOS-If you don't search for exactly how the SW title and version were originally entered-The tool won't bring it up-Very frustrating-Could be more user-friendly & auto-fill when close-Like Google

Recommendations to others considering the product

Its hard to say since I am not sure if all of the issues were 100% Black Duck SW or a combo of it not playing well with the environment-So, I guess be sure to be clear on how well it operates in your environment

What business problems are you solving with the product? What benefits have you realized?

Once everything is entered properly-The turn-around time for answers were pretty fast

Black Duck Hub review by ʋɨɾɛɲ .
ʋɨɾɛɲ .
Validated Reviewer
Review Source

"Open Source Software - Security tools"

What do you like best?

Impressed with the Blackduck offerings to scan and manage OpenSource software, their service, and the response time .

Very detailed information on licensing and vulnerability for the open source software .

UI and the usability of the tool and its plugins makes it easier to use.

Best in class tools

What do you dislike?

Nothing to dislike in particular, however there are some short comings meeting up to our enterprises requirements, which is being addressed by BlackDuck product team

What business problems are you solving with the product? What benefits have you realized?

Opensource software scanning

Black Duck Hub review by Administrator in Information Technology and Services
Administrator in Information Technology and Services
Validated Reviewer
Review Source

"Black Duck: Great for Open Source Governance"

What do you like best?

Black Duck help company in easy and compleate governance of open source use.

People can manage legal, security and operational risks using Black Duck Tools like Black Duck Hub, a really complete ad useful platform to monitor open source components in your software also as part of Continuos Integration/Continuos Delivery cycle.

What do you dislike?

Not so much detailed documentation available.

What business problems are you solving with the product? What benefits have you realized?

We are helping our customer and internal Business Line in a better governance open source usage and in monitoring and managing legal, security and operational risks in using open source components.

Black Duck Hub review by User in Printing
User in Printing
Validated Reviewer
Review Source

"It does what you need it to do."

What do you like best?

It is very thorough. As a best I included a small snippet of code I copied from a obscure blog. It identified the code.

What do you dislike?

It can be a pain at times with false alarms, and setup could be cleaner.

Recommendations to others considering the product

Use the trial and give it a good test.

What business problems are you solving with the product? What benefits have you realized?

It gave my management a safe feeling that our flagship enterprise product did not have any code that we were not entitled to.

Black Duck Hub review by User in Telecommunications
User in Telecommunications
Validated Reviewer
Review Source

"Difficult and tedious to use."

What do you like best?

That it will, eventually, perform its task.

What do you dislike?

It is difficult and tedious to use. That it is incapable of recognizing subtle differences in versions that do and don't matter. That its tasks require multiple steps that could be simplified.

What business problems are you solving with the product? What benefits have you realized?

Managing software licenses for software components in our software.

Kate from G2 Crowd

Learning about Black Duck Hub?

I can help.
* We monitor all Black Duck Hub reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. Validated reviews require the user to submit a screenshot of the product containing their user ID, in order to verify a user is an actual user of the product.