Black Duck Releases Free Jenkins Vulnerability Plugin

Date 2015/6/18 9:37:26 | Topic: Product News

Black Duck Software has announced the release of the free Black Duck Vulnerability Plugin for Jenkins. The new plugin extracts dependency data from the Jenkins build and automates the discovery of open source software used within projects while detecting known security vulnerabilities.

According to the National Vulnerability Database, more than 4,000 new vulnerabilities are reported in open source software each year, and thousands of these known vulnerabilities go unnoticed within a typical enterprise. By leveraging Black Duck’s KnowledgeBase, the new free plugin streamlines the usually-tedious process of identifying open source components to instantly provide vulnerability and license data on more than one million open source projects. Identifying the vulnerabilities within each build means mitigating risks early in the software development cycle.

“Continuous delivery increases the frequency of everything in the software development workflow and vulnerability detection is no exception,” said Jenkins Founder and CloudBees CTO Kohsuke Kawaguchi. “The Black Duck Vulnerability Plugin for Jenkins finds vulnerabilities early in the software development lifecycle, thereby accelerating the delivery of better quality code.” Black Duck’s Vulnerability Plugin also generates an easy-to-share .PDF report enabling development teams to work together with security teams. The plugin is free and runs for an unlimited amount of time. 

This article comes from Software Development Tools

The URL for this story is: