A common belief within DevOps circles is that automation not only enables greater frequency of delivery and deployment, but improves its overall success rate. Whenever manual intervention is required, the chances of errors creeping in increases. Human error is a significant factor in many an outage, after all ...
Black Duck is now a Google Cloud Technology Partner.
Through the collaboration, Google customers can use Black Duck solutions to accelerate production use of the cloud and containers as well as increase security and productivity with automated intelligence, visibility and control as they move workloads to the Google Cloud Platform (GCP).
Black Duck is releasing its flagship Black Duck Hub solution as a cloud service on Google Cloud Launcher Marketplace, enabling organizations to deploy Hub on GCP. Hub allows Google Cloud customers to scan applications and container images, identify all the open source components, detect and analyze known security vulnerabilities, compliance issues, and code-quality risks, and enable policy management to control risks and their remediation.
Additionally, Hub dynamically monitors the scanned code and provides alerts on newly discovered open source vulnerabilities or policy violations. Google customers can also use Hub to access the Black Duck KnowledgeBase, a data store of open source components and risk intelligence.
With Black Duck Hub on GCP, users can automate security and compliance as a part of their development lifecycle and continuous integration and delivery (CI/CD) pipeline, allowing DevOps and Security teams to enhance speed and agility while controlling risks.
- Black Duck Hub integration with Google Container Engine (GKE) allows users to scan and monitor container images in the Google Container Registry (GCR).
- Black Duck Hub can be used with third-party CI/CD tools on GCP, including Jenkins on Google Container Engine in a multi-node Kubernetes cluster, or with Bamboo, Team City, Maven, and Gradle.
- Black Duck’s IDE integrations allow software developers to select safe and secure open source using plug-ins to Eclipse and Visual Studio.
“For very clear economic and productivity reasons organizations are highly motivated to migrate their applications to the cloud. Because open source comprises most of the code in their applications and containers, they need to be sure the open source is secure and compliant. Black Duck Hub and Google Cloud provide that assurance,” said Black Duck CEO Lou Shipley.
Google Cloud customers can install Black Duck Hub through the Google Cloud Launcher Marketplace, allowing them to run scans directly in the Google Cloud environment.