Top 12 Open-Source Alternatives to Black Duck

Black Duck

Organizations worldwide use Black Duck Software's open source management and security solutions to ensure security in their applications and containers.‎About · ‎We're Hiring!

Product categories

Chrome Extensions Code Analysis Code Coverage Code Quality Code Review Developer Tools License Management OS & Utilities Open Source Security Security & Privacy Security CI

Summary

The top open-source alternatives to Black Duck are SonarQube, Snyk, and OWASP Dependency-Track. One of the criteria for ordering this list is the number of mentions that products have on reliable external sources. You can suggest additional sources through the form here.

SonarQube Landing Page
1

SonarQube

SonarQube, a core component of the Sonar solution, is an open source, self-managed tool that systematically helps developers and organizations deliver Clean Code.
Pricing:
- Open Source
- Freemium
- Free Trial
- $150.0 / Annually
#Code Analysis #Code Review #Code Coverage 1 social mentions
Snyk Landing Page
2

Snyk

Snyk helps you use open source and stay secure. Continuously find and fix vulnerabilities for npm, Maven, NuGet, RubyGems, PyPI and much more.
Pricing:
- Open Source
#Security #Security Monitoring #Security CI 85 social mentions
OWASP Dependency-Track Landing Page
3

OWASP Dependency-Track

OWASP Dependency-Track is an intelligent Software Composition Analysis (SCA) platform that allows...
Pricing:
- Open Source
#Security #Code Analysis #Security & Privacy 19 social mentions
FOSSA Landing Page
4

FOSSA

Open source license compliance and dependency analysis
Pricing:
- Open Source
#Security #Code Analysis #Web Application Security 7 social mentions
Labs64 NetLicensing Landing Page
5

Labs64 NetLicensing

Monetize your digital products and services
Pricing:
- Open Source
- Freemium
- Free Trial
- €60.0 / Monthly (Basic Plan)
#License Management #Threat Detection And Prevention #Monitoring Tools 11 social mentions
David Landing Page
6

D

David

Watching your Node.js dependencies
Pricing:
- Open Source
#License Management #Security & Privacy #OS & Utilities
StyleCop Landing Page
7

StyleCop

Analyzes C# source code to enforce a set of style and consistency rules. - StyleCop/StyleCop
Pricing:
- Open Source
#Code Analysis #Code Coverage #Code Review
pyup.io Landing Page
8

pyup.io

Helps you to keep your dependencies updated and secure.
Pricing:
- Open Source
#License Management #OS & Utilities #Security & Privacy 2 social mentions
GitGuardian Landing Page
9

GitGuardian

Detect secrets in source code, public and private!
Pricing:
- Open Source
#Security & Privacy #Chrome Extensions #Security 2 social mentions
SonarCloud Landing Page
10

SonarCloud

Enhance your workflow with continuous code quality, SonarCloud automatically analyzes and decorates pull requests on GitHub, Bitbucket, Azure DevOps and GitLab on major languages.
Pricing:
- Open Source
- Freemium
- Free Trial
- €10.0 / Monthly (100,000 Lines of Code)
#Developer Tools #DevOps Tools #SAST 12 social mentions
ESLint Landing Page
11

ESLint

The fully pluggable JavaScript code quality tool
Pricing:
- Open Source
#Code Coverage #Developer Tools #Code Quality 229 social mentions
FindBugs Landing Page
12

FindBugs

Findbugs is a tool that looks for bugs in Java code. Findbugs finds the bugs by analyzing computer software without actually executing programs. Using this software allows for easy debugging and repairing broken script. Read more about FindBugs.
Pricing:
- Open Source
#Code Coverage #Code Analysis #Code Quality 3 social mentions