BURLINGTON, Mass.--(BUSINESS WIRE)--Black Duck Software, a global leader in providing solutions for securing and managing open source software, today announced the availability of Black Duck Hub 2.2, including new, extended open source security vulnerability intelligence, providing vulnerability data beyond what is offered in the National Vulnerability Database (NVD).
VulnDB, a new vulnerability data source embedded in Black Duck’s Hub 2.2 product release, alerts customers to newly reported vulnerabilities on average three weeks sooner than NVD in 2015.
Reporting on 38 percent more vulnerabilities than NVD, VulnDB provides more comprehensive detail on each vulnerability, recommends use of the open source software version that is free of known vulnerabilities and advises on remediation steps. Customers can protect their applications from attackers by proactively identifying where known vulnerabilities exist in their open source code within days of a vulnerability being publicly reported.
“Finding open source vulnerabilities in our NFV orchestration software products manually is a burdensome process. Manual testing often yields incomplete lists requiring additional time and effort to secure software releases. With the Black Duck Hub and its VulnDB, our software team can quickly extrapolate vulnerability points and identify safe open source components. Overture can hold the line and release products quickly and securely with the Black Duck Hub,” said Richard Jenny, Director, Engineering Program Management & DevOps at Overture Networks.
About Black Duck Software
Organizations worldwide use Black Duck Software’s industry-leading products to secure and manage open source software, eliminating the pain related to security vulnerabilities, compliance and operational risk. Black Duck is headquartered in Burlington, MA and has offices in Mountain View, CA, London, Frankfurt, Hong Kong, Tokyo, Seoul and Beijing. For more information, visit www.blackducksoftware.com.