Manage Security Risk in GitHub Open Source Projects with CoPilot


CoPilot is a free, public-facing application that lets owners of open source projects on GitHub monitor the security risk associated with the components they use, as part of their Git Flow development process.

CoPilot supports a variety of CI/CD tools such as Travis and a variety of languages including Java, C#, Ruby, Scala, R and many others. Watch this brief video to learn how to set up and use CoPilot; it includes a demo to help you understand how you can use this non-intrusive security risk assessment to demonstrate that you are a responsible producer of open source software.

Through pull request integration, CoPilot also gives you insight into security vulnerabilities before changes are merged back into the main branch. Before you approve a pull request, CoPilot informs you which components will be added or removed, and how that affects your security risk level.


Try CoPilot out today to get an at-a-glance view of the security risk discovered in your GitHub project, plus how to mitigate that risk.

Try Black Duck's CoPilot to find vulnerable component dependencies in your projects.


