# Black Duck Reviews **Vendor:** Synopsys **Category:** [Software Composition Analysis Tools](https://www.g2.com/categories/software-composition-analysis) **Average Rating:** 4.0/5.0 **Total Reviews:** 28 ## About Black Duck Organizations worldwide use Black Duck’s industry-leading products to secure and manage open source software, eliminating the pain related to security vulnerabilities, compliance and operational risk. Black Duck is headquartered in Burlington, MA, and has offices in San Jose, CA, Vancouver, London, Frankfurt, Hong Kong, Tokyo, Seoul and Beijing. For more information, visit www.blackducksoftware.com ## Black Duck Pros & Cons **What users like:** - Users admire the **accuracy of findings** in Black Duck, praising its powerful engine for identifying open source issues. (1 reviews) - Users commend Black Duck for its **robust identification of open source issues** and its extensive knowledge base. (1 reviews) **What users dislike:** - Users note that it requires **huge resources** to deploy Black Duck on-prem, which can be a significant drawback. (1 reviews) ## Black Duck Reviews ### 1. High-Performing and Effective, with Appreciated Automatic Alerts **Rating:** 4.0/5.0 stars **Reviewed by:** Renato Z. | Business Development Leader, Mid-Market (51-1000 emp.) **Reviewed Date:** April 07, 2026 **What do you like best about Black Duck?** Perfoming and effective. Automatic alerts are really appreciated and **What do you dislike about Black Duck?** Prices are not affordable and UX interface not so easy. Sometimes scanning are a little slow **What problems is Black Duck solving and how is that benefiting you?** Black Duck helped us to understand where our code was not performing well. We improved visibility and we were able to keep under control security and legal risks ### 2. Powerful SCA Tool with Extensive Knowledge, but Resource-Heavy On-Prem Deployment **Rating:** 5.0/5.0 stars **Reviewed by:** Lokesh T. | Sr. Security Engineer, Mid-Market (51-1000 emp.) **Reviewed Date:** October 17, 2025 **What do you like best about Black Duck?** I found it as a best SCA tool, where its engine is very powerful in identifying Open source issues, And the main thing is that its Black Duck Knowledge is very huge **What do you dislike about Black Duck?** The only drawback is it require huge resource to deploy in on-prem **What problems is Black Duck solving and how is that benefiting you?** It solves addressing Open Source Issues basically its a Software composition Analysis tool. ### 3. good service and excellent support **Rating:** 5.0/5.0 stars **Reviewed by:** Neri Rafael C. | Developer TI, Small-Business (50 or fewer emp.) **Reviewed Date:** October 31, 2022 **What do you like best about Black Duck?** my position within the organization as DevSecOps and developer can be quite complicated without the use of services or tools such as those provided by the whitehat sentinel team, we have used it for more than 4 years and the development support is always elementary, the The issue of security is something serious and it is something that must be studied permanently, they help you to have what you need **What do you dislike about Black Duck?** This is very complex since for the niche that they offer service, in my opinion, if they meet the expectations, so I could say that I do not find a specific point to suggest any improvement at the moment. **What problems is Black Duck solving and how is that benefiting you?** security at all times is very important in each application development that involves data from clients and administrative personnel, this is something that must always be taken into account and this team does everything to shield our people. ### 4. Whitehat sentinel **Rating:** 4.5/5.0 stars **Reviewed by:** omkar r. | Consultant, Mid-Market (51-1000 emp.) **Reviewed Date:** February 02, 2023 **What do you like best about Black Duck?** Security Experts analyse potential vulnerabilities. Minimal false positives. Alerts for newly discovered vulnerabilities.tracking all records previous as well as present. **What do you dislike about Black Duck?** The vendor provides scanning, identification, engineering support and risked based reporting of security vulnerabilities. It is little bit slow other wise it is very good. **What problems is Black Duck solving and how is that benefiting you?** The vendor provides scanning, identification, engineering support and risked based reporting of security vulnerabilities.it support to better quality of software. ### 5. Benchmark in software composition analysis **Rating:** 4.5/5.0 stars **Reviewed by:** Shreyans M. | Scrum Master, Mid-Market (51-1000 emp.) **Reviewed Date:** October 03, 2021 **What do you like best about Black Duck?** One of the top solution providers to help manage security vulnerabilities, code quality, code smells, bugs and compliance risk associated with third-party open source code in an effective way. It supports wide range of languages some of which include Java, Cobol, Javascript, C#, C and C++. This software is the benchmark solution to elevate the continuous inspection element in CI/CD model **What do you dislike about Black Duck?** The cost is relatively higher than the other solutions in the market which makes it a difficult choice for organisations **What problems is Black Duck solving and how is that benefiting you?** Having used this software for a few years I have been able to cut down on a substantial amount of rework by detecting and analysing vulnerabilities before leveraging any open source code. With the timely upgradation of this software it becomes easy to stay updated in terms of the handling newer type of vulnerabilities introduced in the market ### 6. Legal and Operational risks management tool. **Rating:** 4.0/5.0 stars **Reviewed by:** Pratik H. | IT Project Coordinator, Mid-Market (51-1000 emp.) **Reviewed Date:** November 03, 2021 **What do you like best about Black Duck?** It has impressive features for both legal & security 3rd party software compliance. UI is easy to understand. It helps us to analyze the code in a timely and accurate manner. **What do you dislike about Black Duck?** According to me it has all the features required. It is fast and easy to use. **What problems is Black Duck solving and how is that benefiting you?** The support team is always available to resolve the problem if any. Rest it helps us to know what's in your code and analyze your code in a timely and accurate manner. ### 7. What's there in your code? **Rating:** 4.5/5.0 stars **Reviewed by:** Verified User in Information Technology and Services | Enterprise (> 1000 emp.) **Reviewed Date:** November 02, 2021 **What do you like best about Black Duck?** Blackduck is part of Devonshire which provides us automatic scanning. Black duck is not just for devops but also Secops. Blackduck has the most extensive open source KB in the industry **What do you dislike about Black Duck?** I am expecting better governance of teams. I have various teams using the capacity and I need to know which team is using how much. Black duck can come up with tenancy. **Recommendations to others considering Black Duck:** Well suited:. Easily come out of pain to manage open source components. No worries, Black duck is to the rescue, it takes care of your pen source components in terms of license and security. Also SecOps eases with the super Black duck Less suited: can't really come up with a scenario, where it can be less suited. Until you stop using open source components in your code, quite impossible **What problems is Black Duck solving and how is that benefiting you?** Black duck being rich in its knowledge base about the vulnerabilities and license issues of open source components, quickly compares the identified inventory to the Black duck knowledge base and lists all the vulnerabilities and license issues in the code ### 8. Need of today’s market **Rating:** 4.5/5.0 stars **Reviewed by:** SAILEE J. | Scrum Master [Associate], Small-Business (50 or fewer emp.) **Reviewed Date:** October 03, 2021 **What do you like best about Black Duck?** Black duck is certainly an industry leader in open source scanning primarily due to the fact that it is simpler to use and hence eliminate majority open source vulnerabilities and bugs and licensing issues. Should there be any enhancement request Blackduck is fairly adaptive and responsive towards implementing the same. **What do you dislike about Black Duck?** The reporting could be enhanced as it does not provide the output the way one would expect it to be owing to which, it adds additional overhead to present the result in a better way **What problems is Black Duck solving and how is that benefiting you?** It is very quick and responsive I remember including us small sized code from a random source and Blackduck immediately identified it ### 9. Good security, Stable and feature rich. **Rating:** 4.5/5.0 stars **Reviewed by:** Ali s. | Customer Service Representative, Mid-Market (51-1000 emp.) **Reviewed Date:** November 22, 2021 **What do you like best about Black Duck?** Black duck software composition analysis works amazing on Mac, It has a good security and excellent features that protects and examines our source code from compliance issues. **What do you dislike about Black Duck?** Black duck should add features like packet analysis and binary analysis for better performance. **What problems is Black Duck solving and how is that benefiting you?** We use black duck to audit our source code to protect from liscence and open source compliance. It is easy to use, stable, and well recognized in the industry. ### 10. SecOps made easy **Rating:** 4.5/5.0 stars **Reviewed by:** Shayna A. | Academic Specialist, Mid-Market (51-1000 emp.) **Reviewed Date:** October 29, 2021 **What do you like best about Black Duck?** Quick inventory scan, Security and License risk management, integration for automatic scanning. **What do you dislike about Black Duck?** It is slow, outdated design and is to expensive. **What problems is Black Duck solving and how is that benefiting you?** Black Duck being well established about the vulnerabilities and license issues of open source components, quickly compares the identified inventory to the Black Duck knowledge base and lists all the vulnerabilities and license issues in the code. ### 11. Black duck is an excellent and reliable software to detect vulnerablities and security risks. **Rating:** 4.0/5.0 stars **Reviewed by:** Verified User in Computer Software | Enterprise (> 1000 emp.) **Reviewed Date:** September 07, 2021 **What do you like best about Black Duck?** Black duck serves as a good platform to identify third party software risk factors. It can be easily integrated as of part of CI/CD tools to scan security, license risk etc. It shows the exact break up of all the risky components of the binaries. **What do you dislike about Black Duck?** It's very strict in compliance check so during upgradation of third party software it is diffcult to ignore some of the risks. But that shows how efficient Black duck software is. Also, using open source software creates license risks. **What problems is Black Duck solving and how is that benefiting you?** Using Black duck for binary scans as a part of DevOps activity to ensure the security and operation risk complaince that has helped to manage the risks and triage vulnerabilies in the softwares. ### 12. Black Duck SCA tool for vulnerabilities **Rating:** 4.0/5.0 stars **Reviewed by:** Verified User in Computer & Network Security | Small-Business (50 or fewer emp.) **Reviewed Date:** September 13, 2021 **What do you like best about Black Duck?** Custom policies, IDE integration during the development life cycle.Jira tickets are being created for the issues **What do you dislike about Black Duck?** Dont have any suggestion here which i have not liked so far. **Recommendations to others considering Black Duck:** It was part of the ci/Cd pipeline to detect and create the jirra issues for corresponding vulnerabilities **What problems is Black Duck solving and how is that benefiting you?** It was part of the ci/Cd pipeline to detect and create the Jira issues for corresponding vulnerabilities ### 13. The report is crisp and easy for deciding actionables **Rating:** 4.0/5.0 stars **Reviewed by:** Verified User in Utilities | Small-Business (50 or fewer emp.) **Reviewed Date:** September 08, 2021 **What do you like best about Black Duck?** The report is crisp and easy for deciding actionable **What do you dislike about Black Duck?** documentation could be better for implementation **What problems is Black Duck solving and how is that benefiting you?** Able to find out the vulnerabilities and keep my systems secure & compliant ### 14. Very basic UI **Rating:** 2.5/5.0 stars **Reviewed by:** Verified User in Computer Software | Mid-Market (51-1000 emp.) **Reviewed Date:** September 26, 2019 **What do you like best about Black Duck?** Comprehensive analysis. It does a good job finding everything. **What do you dislike about Black Duck?** The output sucks, there's no comprehensive reports or nice UI or anything. It's all very basic/raw. They expect you to take all that raw information and make your own "pretty" reports with it, they have no product that can do that nor do they have any recommendations on 3rd party vendors that will do it. **What problems is Black Duck solving and how is that benefiting you?** Finding any open source being used either directly or indirectly (ie through libraries or libraries of libraries) and all licenses that are being used. ### 15. Black Duck Hub provides excellent opportunities for finding vulnerabilities. **Rating:** 5.0/5.0 stars **Reviewed by:** laura c. | IT Specialist, Information Technology and Services, Enterprise (> 1000 emp.) **Reviewed Date:** November 02, 2018 **What do you like best about Black Duck?** This is really an amazing and outstanding product that provides us a lot of information and it is progressing day by day with the passage of time. Hidden vulnerabilities and security exposures can easily and efficiently be identified with the help of this splendid software. It's interface is absolutely clean. Powerful tool for creating awareness related to legal security. Fit for open source packages. This software works very fast and really easy to scan. I love the integration offered by this software. **What do you dislike about Black Duck?** I am fully satisfied with this software but I would say its reporting should be improved and it should have more preferable API experience. Another con is that users have to face difficulties while installing this software. Because of billing model, this application seems to be quite expensive. **Recommendations to others considering Black Duck:** IT field must try this tool. Even start from trail. Because of its being well-developed. Recommended !! **What problems is Black Duck solving and how is that benefiting you?** For the business it is no doubt very useful and helps us in code security, quality analysis and audits. I can say in simple words that it saves user's time and it is one of our great benefits. ### 16. Really useful tool **Rating:** 5.0/5.0 stars **Reviewed by:** Verified User in Computer Software | Enterprise (> 1000 emp.) **Reviewed Date:** February 04, 2019 **Describe the project or task Black Duck helped with:** Scanning project for known vulnerabilities in the known 3rd party libraries. **What do you like best about Black Duck?** It gives you the information about security issues and licence constraints of known 3rd party libraries your project is using. Usually you don't have control or knowledge over all 3rd party libraries used in your project it is crucial to know whether current version has any kind of issues (security or licence). Having a tool to give you this information is a next level of quality of your product. It also suggests the update version with no known issues. **What do you dislike about Black Duck?** I had an issue it reporting a library version that officially wasn't released. It was hard to get additional details from the internet about that library to make an assessment. But that's not a big issue as it anyway suggested to update it to a latter version. ### 17. Makes open source security a breeze! **Rating:** 4.5/5.0 stars **Reviewed by:** Verified User in Banking | Mid-Market (51-1000 emp.) **Reviewed Date:** September 12, 2018 **Describe the project or task Black Duck helped with:** Detecting vulnerabilities in open source software, license management **What do you like best about Black Duck?** I like how easy it is to look up if you are effected by a security vulnerability. The product makes enforcing security policies so simple. Blackduck helps in detecting vulnerabilities before you use open source software and avoids unnecessary rework.The Black Duck KnowledgeBase is up to date and very informative.I can't t **What do you dislike about Black Duck?** I can't think of anything I don't like about the product ### 18. Quality open source detection **Rating:** 3.5/5.0 stars **Reviewed by:** Haresh S. | Software Developer, Computer Software, Enterprise (> 1000 emp.) **Reviewed Date:** November 16, 2017 **What do you like best about Black Duck?** It has a big knowledge base and when we started using it first for our new project to provide enhanced and ensured security ,we were able to understand them quite easier,thanks to the intuitive design and user friendly approach of design and layout they have enforced and most importantly open source detection on all cross platform browsers and dependency information for different languages like c++ and java **What do you dislike about Black Duck?** Devops integration is a time consuming process and we had to wait for a day to get them completed and got to track the complete progress and also to enforce them in IDE,build CI tools and container deployment platforms all the time and time reactive dynamic features for code snippets are a a hassle **Recommendations to others considering Black Duck:** Easy to use,understand the comprehensive data storage knowledge warehouse repository base **What problems is Black Duck solving and how is that benefiting you?** It helps in code security audits,code quality analysis, and encryption audits which are out of our scope and saves us a lot of time in understanding the requirement documents and saves a lot of dollars for the client and the vendor in a way ### 19. Black Duck is the way to go for your open source code management **Rating:** 5.0/5.0 stars **Reviewed by:** rajiv a. | Sr. Specialist Cloud Architect, Computer Software, Enterprise (> 1000 emp.) **Reviewed Date:** August 29, 2017 **What do you like best about Black Duck?** The ease of identifying and managing the open source code and as well examining the source code for vulnerabilities and specifically the hidden security vulnerabilities is amazing. This is the product that every organization should look out to manage the source code for identifying quickly about vulnerabilities, open source code license management which can be lethal if ignored. Easily integrates with your current CI engines and sets the pace for your time to market. The Web UI is well built, easy to navigate and makes the experience so easy to handle the product. Easy docker based hub installation. **What do you dislike about Black Duck?** The product is really amazing already. Hub knowledge bases are huge and growing day by day. Suggest black duck to update the KBs quickly. And may be a web link shared to all the customers, who can post about the new open source bundle to fasten the on boarding of the new item. Black Duck is a duckling and is growing fast. **What problems is Black Duck solving and how is that benefiting you?** Ease in identifying the security exposures and hidden vulnerabilities created by open source components. Time to market is faster for identifying the vulnerabilities early during the development stage. open source license management becomes so easy now. ### 20. Fast scanning, good ID of open source vulnerabilities, but workflow is lacking **Rating:** 3.0/5.0 stars **Reviewed by:** Franklin D. | Internal Consultant, Computer Software, Mid-Market (51-1000 emp.) **Reviewed Date:** July 28, 2017 **What do you like best about Black Duck?** The Hub product is very fast at scanning our software. The Knowledge Base has improved so it is correctly identifying open source components most of the time. The UI is fast and nice looking. **What do you dislike about Black Duck?** Still too many incorrect identifications. There is no support for a workflow to manage mitigations of vulnerabilities in a particular component in one version of a project, then apply those comments and actions to future versions, or to the same component in other projects. It doesn't keep history of changes (updates to component matches, or mitigations), doesn't allow rolling back changes in a consistent way. The flow in the UI is very inefficient -- often way too many clicks to get to related information, hard to discover many of those pages. Then when you go back it loses the originally selected item, so you have to remember it, possibly scroll to the bottom and click to advance to the right page, and find the item. **What problems is Black Duck solving and how is that benefiting you?** We have customers who scan our software with Black Duck. Having it inhouse enables us to find reported vulnerabilities in our software before we ship it, or to find out about newly discovered vulnerabilities in our existing code before customers do, so we can fix things before they ship, or be ready with information for customers. ### 21. Waste of money **Rating:** 0.0/5.0 stars **Reviewed by:** Britanny C. | Head of Marketing, Venture Capital & Private Equity, Small-Business (50 or fewer emp.) **Reviewed Date:** January 17, 2018 **What do you like best about Black Duck?** The premise of the software is nice, but they did not deliver. **What do you dislike about Black Duck?** Missed key open source licensing issues and locked us into a 2-year contract. Expensive with no benefit since we ended up needing to check all the open source code we had personally. If we hadn't we could have faced significant licensing issues. Not a legally sound solution for open source licensing management. **Recommendations to others considering Black Duck:** Don't get locked into a contract, better yet don't sign up at all **What problems is Black Duck solving and how is that benefiting you?** Attempted to use BlackDuck for open source licensing management and, considering even a quick check found issues, realized it was a complete waste of money. ### 22. Essential! **Rating:** 4.5/5.0 stars **Reviewed by:** Emmanuel C. | Project Manager, Technology Operations, Information Technology and Services, Enterprise (> 1000 emp.) **Reviewed Date:** May 25, 2017 **What do you like best about Black Duck?** Black Duck has a long history of being the industry leader in open source scanning. Their new Black Duck Hub product is a refreshingly easy to use product that meets the majority of our needs and allows us to proceed with confidence that we are accurately accounting for our open source use. **What do you dislike about Black Duck?** While the product does meet the majority of our needs, it doesn't meet every need. However, Black Duck is very responsive and receptive to feature requests. I also dislike the usage-based billing. The product is so easy to use that I want to scan more of my code more frequently, but the usage-based billing puts me at odds with that desire. **What problems is Black Duck solving and how is that benefiting you?** This allows us to generate an inventory of all open source we are including in our products and thus mitigate our legal risk and protect our intellectual property. ### 23. Seems over-complicated **Rating:** 3.5/5.0 stars **Reviewed by:** Verified User in Computer Software | Enterprise (> 1000 emp.) **Reviewed Date:** October 31, 2017 **What do you like best about Black Duck?** The quick response from the team to know if we can add it or if is already approved **What do you dislike about Black Duck?** There are so many different pages/screens where you have to enter information-I felt it could be consolidated-Also, it was like using DOS-If you don't search for exactly how the SW title and version were originally entered-The tool won't bring it up-Very frustrating-Could be more user-friendly & auto-fill when close-Like Google **Recommendations to others considering Black Duck:** Its hard to say since I am not sure if all of the issues were 100% Black Duck SW or a combo of it not playing well with the environment-So, I guess be sure to be clear on how well it operates in your environment **What problems is Black Duck solving and how is that benefiting you?** Once everything is entered properly-The turn-around time for answers were pretty fast ### 24. It does what you need it to do. **Rating:** 4.0/5.0 stars **Reviewed by:** Verified User in Printing | Enterprise (> 1000 emp.) **Reviewed Date:** November 17, 2017 **What do you like best about Black Duck?** It is very thorough. As a best I included a small snippet of code I copied from a obscure blog. It identified the code. **What do you dislike about Black Duck?** It can be a pain at times with false alarms, and setup could be cleaner. **Recommendations to others considering Black Duck:** Use the trial and give it a good test. **What problems is Black Duck solving and how is that benefiting you?** It gave my management a safe feeling that our flagship enterprise product did not have any code that we were not entitled to. ### 25. Black Duck Hub **Rating:** 4.0/5.0 stars **Reviewed by:** Frank F. | Senior Chief Engineer, Entertainment, Enterprise (> 1000 emp.) **Reviewed Date:** May 23, 2017 **What do you like best about Black Duck?** Deployment was not too difficult, site works well, customer support is responsive. The Hub supports mixed LDAP/interal db authentication. **What do you dislike about Black Duck?** Some of the features we were interested in are still under development, due to be release later in the year. Black Duck moved to a docker type of installation right after I deployed the solution. It would have been nice to have been given a heads up on this, I would have delayed a bit. **What problems is Black Duck solving and how is that benefiting you?** Open source licensing, security an operational risk analysis. ### 26. Black Duck: Great for Open Source Governance **Rating:** 5.0/5.0 stars **Reviewed by:** Verified User in Information Technology and Services | Enterprise (> 1000 emp.) **Reviewed Date:** September 27, 2017 **What do you like best about Black Duck?** Black Duck help company in easy and compleate governance of open source use. People can manage legal, security and operational risks using Black Duck Tools like Black Duck Hub, a really complete ad useful platform to monitor open source components in your software also as part of Continuos Integration/Continuos Delivery cycle. **What do you dislike about Black Duck?** Not so much detailed documentation available. **What problems is Black Duck solving and how is that benefiting you?** We are helping our customer and internal Business Line in a better governance open source usage and in monitoring and managing legal, security and operational risks in using open source components. ### 27. Difficult and tedious to use. **Rating:** 2.0/5.0 stars **Reviewed by:** Verified User in Telecommunications | Enterprise (> 1000 emp.) **Reviewed Date:** November 08, 2017 **What do you like best about Black Duck?** That it will, eventually, perform its task. **What do you dislike about Black Duck?** It is difficult and tedious to use. That it is incapable of recognizing subtle differences in versions that do and don't matter. That its tasks require multiple steps that could be simplified. **What problems is Black Duck solving and how is that benefiting you?** Managing software licenses for software components in our software. **Official Response from Haidee LeClair:** > Thanks for the feedback; we’re sorry you are having problems with your instance. Please reach out to Steve Gorman, Director of Technical Support at sgorman@blackducksoftware.com, or of course your Customer Success Manager or the Support team so that we can do a review of your account and figure out what is happening. We hope to talk to you soon. ### 28. Open Source Software - Security tools **Rating:** 5.0/5.0 stars **Reviewed by:** ʋɨɾɛɲ . | Vice President, Financial Services, Enterprise (> 1000 emp.) **Reviewed Date:** May 26, 2017 **What do you like best about Black Duck?** Impressed with the Blackduck offerings to scan and manage OpenSource software, their service, and the response time . Very detailed information on licensing and vulnerability for the open source software . UI and the usability of the tool and its plugins makes it easier to use. Best in class tools **What do you dislike about Black Duck?** Nothing to dislike in particular, however there are some short comings meeting up to our enterprises requirements, which is being addressed by BlackDuck product team **What problems is Black Duck solving and how is that benefiting you?** Opensource software scanning ## Black Duck Discussions - [What languages does Black Duck support?](https://www.g2.com/discussions/what-languages-does-black-duck-support) - [What is software composition analysis?](https://www.g2.com/discussions/what-is-software-composition-analysis) - [What is Black Duck analysis?](https://www.g2.com/discussions/what-is-black-duck-analysis) - [What is the use of Black Duck software?](https://www.g2.com/discussions/what-is-the-use-of-black-duck-software) - [View Black Duck pricing details and edition comparison](https://www.g2.com/products/black-duck/reviews?section=pricing&secure%5Bexpires_at%5D=2026-05-14+17%3A54%3A36+-0500&secure%5Bsession_id%5D=9fe15626-3c53-4b19-8994-586954462e5c&secure%5Btoken%5D=4a02e4c7a8d2dfbd189dc04c500fd43766dd1a35ecc1bb4955c9c1c951729313&format=llm_user) ## Black Duck Features **Functionality - Software Composition Analysis ** - Language Support - Integration - Transparency **Performance - AI AppSec Assistants** - Remediation - Real-time Vulnerability Detection - Accuracy **Effectiveness - Software Composition Analysis** - Remediation Suggestions - Continuous Monitoring - Thorough Detection **Integration - AI AppSec Assistants** - Stack Integration - Workflow Integration - Codebase Contextual Awareness ## Top Black Duck Alternatives - [SonarQube](https://www.g2.com/products/sonarqube/reviews) - 4.4/5.0 (138 reviews) - [Snyk](https://www.g2.com/products/snyk/reviews) - 4.5/5.0 (132 reviews) - [Veracode Application Security Platform](https://www.g2.com/products/veracode-application-security-platform/reviews) - 3.8/5.0 (24 reviews)