Secure Cloud Deployments with Black Duck and Pivotal Cloud Foundry


In the world of software, containers are changing everything. We can build and deploy applications rapidly and flexibly. We can deploy in the cloud; we can scale with incredible reliability. Entire industries are evolving to empower organizations to move from traditional application development to cloud environments with full scale container deployments. Pivotal has emerged as a leader with Pivotal Cloud Foundry (PCF). PCF tools provide speed and reliability to run applications in the cloud at enterprise scale.

Containers and cloud deployments are changing the world of software security as well. In container deployments, components are comprised of primarily open source — at every layer, from the operating system to the application itself. As teams release faster, they continuously add new components. Meanwhile, an average of ten open source vulnerabilities were disclosed per day in 2016. In this rapidly changing environment it becomes incredibly difficult to understand which applications are impacted by vulnerabilities.

Learn about the Pivotal Cloud Foundry Integration with Black Duck Hub

Black Duck Hub and Pivotal Cloud Foundry Integrate 

Black Duck and Pivotal are working to solve this for you. Starting today, PCF customers can automatically scan droplets as they are instantiated with the Black Duck Hub Service Broker. The Hub Service Broker inventories all open source in your droplets and identifies any vulnerabilities. This simple tool can ensure that all your droplets have been reviewed. Armed with that knowledge, you can assess and remediate any vulnerabilities to ensure safe deployment of your PCF applications. And because Black Duck Hub continuously monitors the images you’ve scanned, you’ll be alerted when any newly reported open source vulnerabilities are found within your droplets.

Fast and Secure Cloud Development and Deployment

Black Duck and Pivotal have collaborated to integrate Black Duck Hub and Pivotal Cloud Foundry to deliver a Secure DevOps process and user experience for building and deploying applications to Pivotal Cloud Foundry.

  • Pivotal enterprise customers can find Black Duck as a tile on the Pivotal Network.
  • Black Duck Hub Service Broker enables the integrated use of Hub with Pivotal Cloud Foundry. Black Duck Hub interacts with the Pivotal Cloud Foundry build and application deployment process to automatically scan, analyze, and monitor applications and their contents.
  • Pivotal enterprise customers can automate their Black Duck scans with third-party Continuous Integration (CI) tools such as Jenkins, Bamboo, Team City, and Microsoft VSTS/TFS.

For more information, check out our Pivotal partnership page.

Sorry we missed you! We close comments for older posts, but we still want to hear from you. Tweet @black_duck_sw to continue the discussion.


Be Agile & Decrease Costs with Black Duck’s Visual Studio IDE Plugin

| Oct 11, 2017

In today’s application development world, developers rely heavily on open source to build applications smarter and bring them to market faster. The benefits of open source are clear, but dependence on open source also exposes applications to open source vulnerabilities and license compliance risks.

| MORE >

Black Duck and Google Help Teams Build Cloud Apps with Confidence

| Jul 13, 2017

The way development teams build and deploy software is always changing. Recently, though, that trend has been more drastic. Today, the most productive development teams are using containers to build, deploy, and manage applications. Containers, in turn, have given those teams the flexibility and

| MORE >