Would you like to prepare for compliance with the Cyber Resilience Act using 'Black Duck SCA', which supports OSS risk management and SBOM creation?
Black Duck SCA is an OSS management and static analysis tool that supports organizations in managing the use of OSS and associated risks through high-performance composition analysis. In preparation for the full implementation of the European Cyber Resilience Act (CRA) starting December 11, 2027, Black Duck SCA can comprehensively support the management of OSS, vulnerability countermeasures, license violation checks, and encryption risks for customer organizations and services with efficient and continuous analysis capabilities. Fujisoft partners with "Black Duck" and "Macnica," specialists in tool knowledge and vulnerability-related issues, to provide reliable support for customers implementing Black Duck SCA. 【Would you like to consult with us first?】 What should you do to comply with the Cyber Resilience Act? I want to start managing OSS/SBOM but don't know how... If you have such concerns, please feel free to consult Fujisoft! ★For those who have already started considering Black Duck SCA and want to know what benefits it offers★ Download the PDF materials or feel free to contact us!
Inquire About This Product
basic information
**Features of Black Duck SCA** - Abundant scan and analysis targets - In addition to scanning components such as folders, libraries, and binaries, there is a wide range of scan and analysis targets, including OSS source files contained within the source code. - Response to license violation risks - It can detect a wide range of licenses, from well-known open source licenses to those with fewer users. - Response to security vulnerability risks - It maintains a database of vulnerabilities that surpasses the NVD (National Vulnerability Database) and can provide not only risk detection but also specific countermeasures. - Operational risk management - It allows for decisions regarding the migration of outdated or inactive OSS. - Reference for cryptographic technology - It reduces the burden of compliance with regulations related to export-related operations. - Support throughout the software development lifecycle - It addresses the SDLC (a systematic process to ensure the efficiency and quality of software development projects). - Integration with external tools such as DevOps platforms and CI/CD tools - It facilitates integration with DevOps platforms and CI/CD tools.
Price information
Delivery Time
Applications/Examples of results
For more details, please refer to the PDF document or feel free to contact Fujisoft.
catalog(1)
Download All Catalogs
Company information
Fujisoft has a history of 40 years in embedded development since its founding, accumulating various experiences in both software and hardware. Based on the experience cultivated over many years, a team of over 2,000 embedded technology experts provides embedded services across a wide range of fields, including automotive, medical, industrial, and home appliances. Our seamless development system, covering everything from hardware to software, allows our consultants to propose solutions starting from the "soft phase," such as requirements specification, and we offer a consistent solution that encompasses development, research, testing, and production.
