BDBA (Black Duck Binary Analysis)
Black Duck Binary Analysis (previously known as Protecode) is an open source vulnerability scanning tool that reports the open source components that make up a product, along with security information about them (no license information is provided).
BDBA (Protecode) uses a combination of static binary analysis techniques to X-ray the provided software package to identify third-party software components and their exact versions with a high level of confidence. Methods range from simple string matching to proprietary patent-pending techniques.
When to use BDBA?
BDBA should be used to analyze:
- 3rd party software supplied in binary form, for example, in a software supply chain scenario
- Software in binary form where you do not have access to the source used to build it