In light of the recent Equifax breach, Gene Kim and speakers from the upcoming DevOps Enterprise Summit San Francisco (DOES17) dissected the situation and discussed the technical leadership lessons learned while offering their own expert advice for handling crisis situations. The following are more highlights from the discussion ...
Black Duck is now a Google Cloud Technology Partner.
Through the collaboration, Google customers can use Black Duck solutions to accelerate production use of the cloud and containers as well as increase security and productivity with automated intelligence, visibility and control as they move workloads to the Google Cloud Platform (GCP).
Black Duck is releasing its flagship Black Duck Hub solution as a cloud service on Google Cloud Launcher Marketplace, enabling organizations to deploy Hub on GCP. Hub allows Google Cloud customers to scan applications and container images, identify all the open source components, detect and analyze known security vulnerabilities, compliance issues, and code-quality risks, and enable policy management to control risks and their remediation.
Additionally, Hub dynamically monitors the scanned code and provides alerts on newly discovered open source vulnerabilities or policy violations. Google customers can also use Hub to access the Black Duck KnowledgeBase, a data store of open source components and risk intelligence.
With Black Duck Hub on GCP, users can automate security and compliance as a part of their development lifecycle and continuous integration and delivery (CI/CD) pipeline, allowing DevOps and Security teams to enhance speed and agility while controlling risks.
- Black Duck Hub integration with Google Container Engine (GKE) allows users to scan and monitor container images in the Google Container Registry (GCR).
- Black Duck Hub can be used with third-party CI/CD tools on GCP, including Jenkins on Google Container Engine in a multi-node Kubernetes cluster, or with Bamboo, Team City, Maven, and Gradle.
- Black Duck’s IDE integrations allow software developers to select safe and secure open source using plug-ins to Eclipse and Visual Studio.
“For very clear economic and productivity reasons organizations are highly motivated to migrate their applications to the cloud. Because open source comprises most of the code in their applications and containers, they need to be sure the open source is secure and compliant. Black Duck Hub and Google Cloud provide that assurance,” said Black Duck CEO Lou Shipley.
Google Cloud customers can install Black Duck Hub through the Google Cloud Launcher Marketplace, allowing them to run scans directly in the Google Cloud environment.