STAR Registry Listing for
Black Duck Software Composition Analysis, Polaris, Continuous Dynamic
Black Duck Software Composition Analysis, Polaris, Continuous Dynamic
Black Duck Software Composition Analysis (SCA) is an application security solution that identifies open-source components, tracks third-party dependencies, and manages related security, license compliance, and code quality risks. It automatically generates a comprehensive Software Bill of Materials (SBOM) and enforces governance policies across the entire software development lifecycle (SDLC).
Black Duck Polaris is a comprehensive, cloud-native Application Security Testing (AST) platform designed for DevSecOps. It combines SAST, SCA, and DAST engines into a single SaaS solution, allowing developers to scan code, manage open-source risks, and enforce security policies early in the Software Development Life Cycle (SDLC).
Black Duck Continuous Dynamic (formerly WhiteHat Dynamic) is a SaaS-based Dynamic Application Security Testing (DAST) solution designed to automatically scan running web applications and APIs for exploitable vulnerabilities.

Listed Since: 01/23/2025
STAR Level 1
Self-Assessment & Partner-Provided

CAIQ Self-assessment v4.1.0
Offers an industry-accepted way to document what security controls exist in IaaS, PaaS, and SaaS services. It provides a set of Yes/No/NA questions and space to justify the response a cloud consumer and cloud auditor may wish to ask of a cloud provider to ascertain their compliance to the Cloud Controls Matrix (CCM).
Created or renewed 12 days ago, on July 02, 2026.