Everything you need to know about Black Duck Security Advisories

Everything you need to know about Black Duck Security Advisories

When we released Black Duck 4.4, we announced the creation of our own Black Duck Security Advisories (BDSAs). BDSAs offer a more complete and in-depth view of your vulnerabilities.

DevOps Connect:DevSecOps @ RSAC 2022

Since then, many of our customers have reached out with various questions. I’m here to provide a brief overview of some of the differences between standard NVD vulnerabilities and BDSAs. I’m also going to share some of the most valuable information you’ll get with BDSAs.

Learn more about Black Duck’s detailed scoring information for both CVSS 2.0 and 3.0 scoring as well as temporal scoring. BDSA records also provide key Common Weakness Enumeration (CWE) classifications for all vulnerabilities, providing our customers with essential insight into the type of weakness being exposed.

How do you get Black Duck Security Advisories? BDSAs are available to our security and professional customers on Black Duck version 4.4 or later. Contact your CRM rep or our support team for more information.

Want Black Duck Security Advisories but not yet a customer?
Learn more about Black Duck.

*** This is a Security Bloggers Network syndicated blog from Software Integrity authored by Jeff Michael. Read the original post at: