Black Duck Software Composition Analysis Alternatives

Snyk helps you use open source and stay secure. Continuously find and fix vulnerabilities for npm, Maven, NuGet, RubyGems, PyPI and much more.

Open Source

SonarQube, a core component of the Sonar solution, is an open source, self-managed tool that systematically helps developers and organizations deliver Clean Code.

Open Source freemium $150.0 / Annually

Ensure healthy website performance, uptime, and free from vulnerabilities. Automatic checks for SSL Certificates, domains and monitor issues with your websites all from one console and get instant notifications on any issues.

Try for free freemium $9.0 / Monthly (Lite plan)

Find & fix security and compliance issues in open source libraries in real-time.

freemium

The industry’s most comprehensive AppSec platform, Checkmarx One is fast, accurate, and accelerates your business.

Open source license compliance and dependency analysis

Open Source

Create, review and deploy code together with GitLab open source git repo management software | GitLab

JFrog Xray is a universal software composition analysis (SCA) solution that natively integrates with Artifactory

OWASP Dependency-Track is an intelligent Software Composition Analysis (SCA) platform that allows...

Open Source

Automated dependency updates for your Ruby, Python, JavaScript, PHP, .NET, Go, Elixir, Rust, Java and Elm.

Qualys helps your business automate the full spectrum of auditing, compliance and protection of your IT systems and web applications.

Organizations worldwide use Black Duck Software's open source management and security solutions to ensure security in their applications and containers.‎About · ‎We're Hiring!

Veracode's application security software products are simpler and more scalable to increase the resiliency of your application infrastructure.

Nessus Professional is a security platform designed for businesses who want to protect the security of themselves, their clients, and their customers.