Building Tools to Enable Software Development Teams
Atlassian is one of the most impressive success stories in the DevOps landscape today. With tools such as Bamboo CI to help developers manage continuous delivery pipelines and JIRA to automate developer workflow processes, Atlassian plays an integral role within development and DevOps teams.
Truly, it’s hard to think of many teams that have adopted agile development and DevOps who aren’t using an Atlassian solution. Likewise, Black Duck has long been focused on enabling software development teams to gain automated visibility, intelligence, and control for their use of open source. Working with Atlassian is an obvious choice, and we are excited to announce our newest plugins: the Black Duck Hub Plugin for JIRA and the Black Duck Hub Plugin for Bamboo.
The Importance of Integration in Open Source Vulnerability Management
As software development teams continue to adopt and utilize open source to build applications faster and smarter, the risk of using components with security vulnerabilities and license compliance risks grows. Manually tracking the thousands of new security vulnerabilities and navigating complex license obligations is far too cumbersome for most organizations, and no one team should be expected to have all the responsibility for such an important task.
Black Duck Hub can automatically scan, identify, and track open source components, vulnerabilities and license obligations in your applications and containers. Security management is essential at all stages of the continuous delivery pipeline, and to address that need, Black Duck has been building integrations with the tools that software development teams use throughout the application development lifecycle.
Vulnerability Management Made Easy with Hub Plugins for JIRA and Bamboo
The newest of these integrations are plugins for Atlassian’s popular JIRA and Bamboo tools. With the Hub integration for Bamboo, software teams can now easily integrate open source vulnerability management with their Bamboo CI build and test automation environment. Users can automate Black Duck Hub scans with Bamboo, view the results within the Bamboo interface (allowing developers to view risk reports without switching tools), and automate build actions based on open source policies defined in Hub. The integration with JIRA helps teams automate developer workflows for managing open source risks. Hub generates JIRA tickets automatically based on policy violations or newly identified vulnerabilities, updating tickets based on remediation actions. With these integrations, teams can manage open source security, compliance, and quality risks in their applications and containers, while maintaining development speed, agility, and productivity.
Black Duck is committed to bringing security management into the continuous delivery pipeline in a way that is automated, easy, agile, and convenient for development and DevOps teams, and we’re excited to be working with solution providers like Atlassian to create new solutions for developers. Check out the Black Duck Hub Plugins for Bamboo and JIRA on the Atlassian Marketplace, and stay tuned for more integration announcements soon.