How does it work?
Black Duck scans your codebase and creates an inventory of all open-source components used in your applications. It then checks for known vulnerabilities and potential license compliance issues and provides a detailed report of any issues found. The solution also integrates with popular development tools, such as Jenkins and Jira, to provide automated remediation and alerting capabilities.