Development and DevOps Integrations

Shipping secure, high-quality software at the speeds required by CI/CD pipelines and AI-generated coding is not possible when AppSec is tacked on to the end of development cycles—at least not without some concessions. That's why Black Duck DevOps integrations and security plug-ins are designed to establish reliable, automated mechanisms to detect and remedy security and compliance risks within complex tech stacks in ways that uphold developers’ need for speed and security’s need for coverage.

Black Duck’s suite of out-of-the-box DevOps integrations, plug-ins, and templates help enterprises to achieve three critical benefits.

Automate risk detection

Test everything as quickly as possible. Trigger application security tests—like SAST and SCA—based on pipeline events including build, SCM check-in, preproduction unit testing, and more.

Accelerate triage and remediation

Align development and security to fix issues faster. Enforce risk tolerance policies, establish security gates, and provide clear fix guidance to developers within the tools and workflows they already use.

Boost developer productivity

Let developers—and their AI assistants—work quickly. Deliver real-time risk insight and noncompliance alerts to avoid late-stage rework. Empower developers to focus on innovation without losing control over security.

By integrating Black Duck AppSec testing solutions into the SDLC and CI/CD pipelines, you establish closed-loop systems between security and development teams that ensure consistent visibility, optimize efficiency, and greatly reduce the window of opportunity for an attack.

  • SCM
  • IDE
  • Package
    manager
  • Build
    and CI
  • Binary
    repository
  • Workflow and
    notifications
  • Security
    testing
  • Vulnerability
    management
  • Production
    deployment
  • Black Duck
  • Coverity
  • Software Risk Manager
  • Code Sight
  • Polaris
  • Seeker

Source code management (SCM) integrations

GitHub

GitHub

coverity polaris black duck

Learn more

Azure DevOps Server

Azure DevOps

polaris coverity black duck seeker

Learn more
Azure Repos

Azure Repos

coverity

Learn more

Bitbucker

Bitbucket

coverity software risk manager

Learn more

GitLab

GitLab

coverity polaris black duck

Learn more

Integrated development environment (IDE) integrations

Android Studio

Android Studio

coverity

Learn more

PhpStorm

PhpStorm

code sight coverity

Learn more

Visual Studio

Visual Studio

software risk manager coverity code sight

Learn more
Eclipse IDE

Eclipse IDE

software risk manager coverity code sight

Learn more

PyCharm

PyCharm

code sight coverity

Learn more

Visual Studio Code

Visual Studio Code

coverity code sight

Learn more
IBM Engineering Workflow Management

IBM

coverity

Learn more

QNX Momentics Tool Suite

QNX Momentics Tool Suite

coverity

Learn more

WebStorm

WebStorm

code sight coverity

Learn more
IntelliJ IDEA

IntelliJ IDEA

software risk manager coverity code sight

Learn more

RubyMine

RubyMine

code sight coverity

Learn more

Wind River Workbench

Wind River

coverity

Learn more

Package manager integrations

Bazel

Bazel

black duck

Learn more

Composer

Composer

black duck

Learn more

Go Module CLI

Go Module CLI

black duck

Learn more

Maven

Maven

coverity black duck

Learn more

Pip

Pip

black duck

Learn more

Yarn

Yarn

coverity black duck

Learn more
Bower

Bower

coverity

Learn more

Comprehensive Perl Archive Network (CPAN)

CPAN

black duck

Learn more

Go Vndr

Go Vndr

black duck

Learn more

NPM Logo - JavaScript Package Manager

npm

coverity black duck

Learn more

Poetry

Poetry

black duck

Learn more

Yocto Project (YP)

Yocto Project (YP)

black duck

Learn more
Cargo

Cargo

black duck

Learn more

Conan

Conan

black duck

Learn more

Gogradle

Gogradle

black duck

Learn more

NuGet

NuGet

black duck

Learn more

Rebar3

Rebar3

black duck

Learn more
CocoaPods

CocoaPods

black duck

Learn more

Conda

Conda

black duck

Learn more

Lerna

Lerna

black duck

Learn more

Packrat

Packrat

black duck

Learn more

RubyGems

RubyGems

black duck

Learn more

Build and CI integrations

AWS CodeBuild

AWS CodeBuild

black duck

Learn more

CircleCI

CircleCI

black duck

Learn more

SBT

sbt

black duck

Learn more

GitHub

GitHub

coverity polaris black duck

Learn more
Azure DevOps Server

Azure DevOps

polaris coverity black duck seeker

Learn more

Jenkins (commercial)

CloudBees

black duck

Learn more

TeamCity

TeamCity

software risk manager black duck

Learn more

GitLab

GitLab

coverity polaris black duck

Learn more
Azure Pipelines

Azure Pipelines

tinfoil coverity black duck

Learn more

CodeShip

CodeShip

black duck

Learn more

Gradle

Gradle

coverity black duck

Learn more

Travis CI

Travis CI

black duck

Learn more
Bamboo

Bamboo

tinfoil coverity black duck

Learn more

Concourse

Concourse

black duck

Learn more

Jenkins (open source)

Jenkins

software risk manager coverity black duck seeker tinfoil

Learn more

Wind River Workbench

Wind River Studio

coverity

Learn more

Binary repository integrations

Amazon Elastic Container Registry

Amazon ECR

black duck

Learn more

Google Container Registry

Google

black duck

Learn more
Artifactory

Artifactory

black duck

Learn more

Nexus Repository

Nexus Repository

black duck

Learn more
Azure Container Registry

Azure

black duck

Learn more
Docker Registry

Docker Registry

black duck

Learn more

Workflow and notifications integrations

Azure Boards

Azure Boards

black duck

Secure Code Warrior

Secure Code Warrior

software risk manager coverity seeker

Bugzilla

Bugzilla

coverity

Learn more

Slack

Slack

black duck seeker software risk manager

Learn more
Jira Software

Jira Software

coverity black duck seeker polaris software risk manager

Learn more

Software Package Data Exchange (SPDX)

SPDX

black duck

Learn more
Microsoft Teams

Microsoft Teams

black duck software risk manager

Learn more

Security testing integrations

Acunetix

Acunetix

software risk manager

Learn more

Acunetix

Aqua

software risk manager

Learn more

Acunetix

CxIAST

software risk manager

Learn more

Acunetix

Clang

software risk manager

Learn more

Acunetix

Contrast Assess

software risk manager

Learn more

Acunetix

Errcheck

software risk manager

Learn more

Acunetix

Fortify

software risk manager

Learn more

Acunetix

Gendarme

software risk manager

Learn more

Acunetix

HCL AppScan

software risk manager

Learn more

Acunetix

JSHint

software risk manager coverity

Learn more

Acunetix

Netsparker

software risk manager

Learn more

Acunetix

NowSecure INTEL

software risk manager

Learn more

Acunetix

Parasoft C/C++test

software risk manager

Learn more

Acunetix

PHP_CodeSniffer

software risk manager

Learn more

Acunetix

Qualys Vulnerability Management (VM)

software risk manager

Learn more

Acunetix

Scalastyle

software risk manager

Learn more

Acunetix

Snyk Container

software risk manager

Learn more

Acunetix

Staticcheck

software risk manager

Learn more

Acunetix

Trustwave App Scanner

software risk manager

Learn more

Acunetix

Veracode Static Analysis

software risk manager

Learn more

Acunetix

WhiteSource

software risk manager

Learn more

Q-mast

Q-mast

software risk manager

Learn more
Acunetix

Anchore Enterprise

software risk manager

Learn more

Acunetix

Arachni

software risk manager

Learn more

Acunetix

CxSCA

software risk manager

Learn more

Acunetix

Code Cracker

software risk manager

Learn more

Acunetix

Cppcheck

software risk manager

Learn more

Acunetix

Error Prone

software risk manager

Learn more

Acunetix

Fortify

software risk manager

Learn more

Acunetix

Gocyclo

software risk manager

Learn more

Acunetix

Ineffassign

software risk manager

Learn more

Acunetix

Microsoft

software risk manager

Learn more

Acunetix

Nexus Lifecycle

software risk manager

Learn more

Acunetix

NowSecure

software risk manager

Learn more

Acunetix

Parasoft dotTEST

software risk manager

Learn more

Acunetix

software risk manager

Learn more

Acunetix

Qualys Web Application Scanning (WAS)

software risk manager

Learn more

Acunetix

SD Elements

software risk manager

Learn more

Acunetix

Snyk Open Source

software risk manager

Learn more

Acunetix

Tenable.io

software risk manager

Learn more

Acunetix

Veracode Dynamic Analysis

software risk manager

Learn more

Acunetix

Vet

software risk manager

Learn more

Acunetix

CoGuard - Infrastructure Security and Automation

coverity

Learn more
IriusRisk Threat Modeling

IriusRisk Threat Modeling

software risk manager

Learn more
Acunetix

Android Studio Lint

software risk manager

Learn more

Acunetix

Brakeman

software risk manager

Learn more

Acunetix

CxSAST

software risk manager

Learn more

Acunetix

CodePeer

software risk manager

Learn more

Acunetix

Dependency-Check

software risk manager

Learn more

Acunetix

ESLint

software risk manager

Learn more

Acunetix

Fortify WebInspect

software risk manager

Learn more

Acunetix

Golint

software risk manager

Learn more

Acunetix

JFrog Xray

software risk manager

Learn more

Acunetix

Mobile Secure

software risk manager

Learn more

Acunetix

Nmap

software risk manager

Learn more

Acunetix

OCLint

software risk manager

Learn more

Acunetix

Parasoft Jtest

software risk manager

Learn more

Acunetix

Prisma Cloud

software risk manager

Learn more

Acunetix

Retire.js

software risk manager

Learn more

Acunetix

Security Code Scan

software risk manager

Learn more

Acunetix

Snyk Open Source License Compliance Management

software risk manager

Learn more

Acunetix

Tenable.sc

software risk manager

Learn more

Acunetix

Veracode Manual Penetration Testing (MPT)

software risk manager

Learn more

Acunetix

Vex

software risk manager

Learn more

Cycode

Cycode

black duck coverity

Learn more
Acunetix

Visual Studio Code Analysis

software risk manager coverity

Learn more
AppSecAI Expert Triage Automation

AppSecAI Expert Triage Automation 

coverity

Learn more

Acunetix

AppSpider

software risk manager

Learn more

Burp Suite Logo

Burp Suite Enterprise Edition

software risk manager

Learn more

Burp Suite Logo

Burp Suite Professional

software risk manager

Learn more

Acunetix

Checkstyle

software risk manager

Learn more

Acunetix

CodeSonar

software risk manager

Learn more

Acunetix

Dependency-Track

software risk manager

Learn more

Acunetix

Find Security Bugs

software risk manager

Learn more

Acunetix

software risk manager

Learn more

Acunetix

Gosec

software risk manager

Learn more

Acunetix

Jlint

software risk manager

Learn more

Acunetix

Nessus

software risk manager

Learn more

Acunetix

NowSecure Auto

software risk manager

Learn more

Acunetix

OWASP ZAP

software risk manager

Learn more

Acunetix

PHP Mess Detector

software risk manager

Learn more

Acunetix

Pylint

software risk manager

Learn more

Acunetix

SafeSQL

software risk manager

Learn more

Acunetix

SpotBugs

software risk manager coverity

Learn more

Acunetix

sqlmap

software risk manager

Learn more

Acunetix

ThunderScan

software risk manager

Learn more

Acunetix

Veracode Software Composition Analysis (SCA)

software risk manager

Learn more

Vulnerability management integrations

Acunetix

Deepfactor Developer Security

black duck

SonarQube

SonarQube

coverity software risk manager

Learn more
Botprise

Botprise

seeker

Learn more
Botprise

Nucleus

black duck

Learn more

Production deployment integrations

Amazon Web Services (AWS)

Amazon Web Services (AWS)

seeker

Learn more

Kubernetes (K8s)

Kubernetes (K8s)

black duck

Learn more
Cloud Foundry

Cloud Foundry

seeker

Learn more

Microsoft Azure

Microsoft Azure

black duck

Learn more
Google Cloud

Google Cloud

black duck

Learn more

Red Hat OpenShift

Red Hat OpenShift

black duck seeker

Learn more
IBM Cloud Pak for Applications

IBM Cloud Pak for Applications

black duck

Learn more

VMware Tanzu

VMware Tanzu

seeker

Learn more
©2025 Black Duck Software, Inc. All Rights Reserved