[AppSec Case Study] Gaining Visibility Into Your Open Source with Black Duck Software Composition Analysis [Video]

The challenge: Ensuring open source security and license compliance

“We have a number of open source packages that we use within the ScienceLogic platform,” notes Scott Martin, director of security compliance. “Prior to Black Duck, our process of managing open source was manual, yet as an organization we’ve always been committed to ensuring the security of our product. This presented a challenge which typically amounted to countless man-hours to ensure the security of our platform. Add in the fact that we’ve grown substantially over the past year, and we had the recipe for a painful operational challenge—ensuring the security and compliance of our code.”

Why Black Duck?

“Both security and license compliance were equally important in our selection of Black Duck,” says Martin. “I started investigating available tools, and the Black Duck solution was the most comprehensive. None of the other products could do a scan at as granular a level as Black Duck and also provide a comprehensive report that I can …
