Black Duck's Vulnerability Plugin for Jenkins Mitigates Risks Early in Software Development Cycle
FREMONT, CA: Black Duck, OSS logistics solution provider, announces the release of the free Black Duck Vulnerability Plugin for Jenkins. The new plugin extracts dependency data from the Jenkins build, identifies open source components used within projects, and highlights known vulnerabilities.
Black Duck’s Vulnerability Plugin automates discovery and catalogues specific versions of open source software (OSS) in use. Listing vulnerabilities in the early stages of software development saves developer time and resources which in turn helps to deliver better quality code and more secured applications. The plugin then identifies open source software containing known vulnerabilities and views the risk profile of the used OSS. With the data provided by the plugin developer gets visibility into the vulnerabilities in the software, focusing on which they can take immediate measure before finalizing it for production.
According to the National Vulnerability Database, more than 4,000 new vulnerabilities are reported in OSS each year, and thousands of these known vulnerabilities go unnoticed within a typical enterprise. By leveraging Black Duck’s KnowledgeBase and dependency data from Jenkins, the new free plugin streamlines the usually-tedious process of identifying open source components to instantly provide vulnerability and license data for open source projects.
“Continuous delivery increases the frequency of everything in the software development workflow and vulnerability detection is no exception. The Black Duck Vulnerability Plugin for Jenkins finds vulnerabilities early in the software development lifecycle, thereby accelerating the delivery of better quality code,” said Kohsuke Kawaguchi, Founder and CloudBees CTO, Jenkins.
Black Duck’s Vulnerability Plugin also generates an easy-to-share PDF report enabling development teams to work together with security teams. The plugin is free and runs for an unlimited amount of time.
By John Kamin, EVP and CIO, Old National Bancorp
By Gregg T. Martin, VP & CIO, Arnot Health
By Dave Doyle, CIO & SVP, IT, Regal Entertainment Group
By Sergey Cherkasov, CIO, PhosAgro
By Adrian Mebane, VP-Global Ethics & Compliance, The Hershey...
By Mike Fitton, Wireless Business Unit Director, Altera
By Jim Kaskade, VP and GM, Big Data & Analytics, CSC
By Thomas Musgrave, EVP & CIO, AmeriCold Logistics
By Vin Sharma, Director, Strategic Planning & Marketing, Big...
By Federico Flórez, Chief Information & Innovation Officer,...
By Barbara Adams, VP, Innovative Technology Solutions, Texas...
By John Mason, CIO, Bottomline Technologies
By Jamshid Khazenie, CTO, USA Today Network / Gannett
By Miguel Gamino, CIO & Executive Director-Department of...
By Bill Schimikowski, VP, Customer Experience, Fidelity...
By Tom Bressie, Vice President, Oracle Cloud
By John Landwehr, Public Sector CTO, Adobe
By Aaron Gette, CIO, The Bay Club Company
By Denise Zabawski, CIO, Nationwide Children's Hospital
By Amit Bahree, Executive, Global Technology and Innovation,...