CSAIChaptersEventsBlog
Join CSA, RSAC, and UNLV for a one-day summit in Las Vegas exploring how AI is reshaping enterprise cybersecurity →

STAR Registry Listing for

Black Duck Software Composition Analysis, Polaris, Continuous Dynamic

Black Duck Software Composition Analysis, Polaris, Continuous Dynamic

Black Duck Software Composition Analysis, Polaris, Continuous Dynamic

Black Duck Software Composition Analysis (SCA) is an application security solution that identifies open-source components, tracks third-party dependencies, and manages related security, license compliance, and code quality risks. It automatically generates a comprehensive Software Bill of Materials (SBOM) and enforces governance policies across the entire software development lifecycle (SDLC).

Black Duck Polaris is a comprehensive, cloud-native Application Security Testing (AST) platform designed for DevSecOps. It combines SAST, SCA, and DAST engines into a single SaaS solution, allowing developers to scan code, manage open-source risks, and enforce security policies early in the Software Development Life Cycle (SDLC).

Black Duck Continuous Dynamic (formerly WhiteHat Dynamic) is a SaaS-based Dynamic Application Security Testing (DAST) solution designed to automatically scan running web applications and APIs for exploitable vulnerabilities.

Offers an industry-accepted way to document what security controls exist in IaaS, PaaS, and SaaS services. It provides a set of Yes/No/NA questions and space to justify the response a cloud consumer and cloud auditor may wish to ask of a cloud provider to ascertain their compliance to the Cloud Controls Matrix (CCM).
Information about Black Duck Software Composition Analysis, Polaris, Continuous Dynamic
Listed Since: 01/23/2025

STAR Level 1

Self-Assessment & Partner-Provided

Cloud Controls Matrix

CAIQ Self-assessment v4.1.0

Offers an industry-accepted way to document what security controls exist in IaaS, PaaS, and SaaS services. It provides a set of Yes/No/NA questions and space to justify the response a cloud consumer and cloud auditor may wish to ask of a cloud provider to ascertain their compliance to the Cloud Controls Matrix (CCM).

Created or renewed 12 days ago, on July 02, 2026.