Try our new research platform with insights from 80,000+ expert users

Apiiro vs Black Duck comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Nov 5, 2024
 

Categories and Ranking

Apiiro
Ranking in Software Composition Analysis (SCA)
12th
Average Rating
8.6
Number of Reviews
2
Ranking in other categories
Static Application Security Testing (SAST) (23rd), API Security (9th), Software Supply Chain Security (8th), Risk-Based Vulnerability Management (13th), Application Security Posture Management (ASPM) (2nd)
Black Duck
Ranking in Software Composition Analysis (SCA)
1st
Average Rating
7.8
Number of Reviews
19
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of November 2024, in the Software Composition Analysis (SCA) category, the mindshare of Apiiro is 1.4%, up from 0.7% compared to the previous year. The mindshare of Black Duck is 23.0%, down from 23.3% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Software Composition Analysis (SCA)
 

Featured Reviews

Ryan-Murphy - PeerSpot reviewer
Oct 31, 2023
A great secrets detection feature, good visibility, and integrates well
The biggest benefit of Apiiro for us was the visibility it gave us into our GitHub organization, which we didn't have much of before. The benefit of adding Apiiro early is that it would be integrated into our pipeline from the start. Since we have had some of our software products for many years, we would have to do a lot of cleaning up before integrating Apiiro into our developer workflow. Integrating Apiiro early allows us to stay ahead of the curve on security issues and address them as they arise, rather than having a huge backlog for developers to fix. Apiiro's ability to provide visibility into the risk of our application components is great. This was a selling feature for us. Apiiro was a less mature product a little over a year ago when they were still early on in their development. However, they have made fantastic advancements over the last year, which has given us much more visibility into that sort of thing. Apiiro has helped prevent business-critical risks by making recommendations based on what it thinks is a high or critical issue. I think it does a pretty good job at that, but those recommendations still need a manual review from us. In general, if Apiiro flags a critical issue, it is usually pretty close to identifying whether it is business-critical or not. It is something we should review, even if we end up downgrading it. Apiiro raises valid concerns, and I am happy that it does.
Saravanan_Radhakrishnan - PeerSpot reviewer
Mar 5, 2024
Enables applications to be secure, but it must provide more open APIs
We use the solution for open-source security management. The product connects the entire customer entity into DevOps and DevSecOps. Solutions like Black Duck and Code Dx enable application testing and onboarding of different applications from entities for security. All the users in different…

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The workflow automation is likely the best aspect of the solution."
"Apiiro's secrets detection feature has saved us several times, which we appreciate greatly."
"Black Duck is pretty extensive in terms of the scan reserves and the vulnerability exposures. From that perspective, I'm happy with it."
"The cloud option of the product is always available and a positive aspect of the solution."
"The stability is okay."
"It highlights what the developers have done, and it shows the impact from an intellectual property point of view."
"The UI is the solution's most valuable feature since it allows for easy pipeline integration."
"The product enables other applications to be secure."
"Policy management is a valuable feature."
"We accidentally use third-party library APIs, which may not be secure. Our technical team may not have the end time or expertise to figure it out. Black Duck helps us with that and saves us time."
 

Cons

"I would like support for our self-hosted Git server, other than GitHub, just regular Git."
"User management is a little bit clunky."
"I would like to see more integration with other solutions, such as IntelliJ IDEA."
"The tool's documentation and support are areas of concern where improvements are required."
"It needs to be more user-friendly for developers and in general, to ensure compliance."
"The documentation is quite scattered."
"The tool needs to improve its pricing. Its configuration is complex and can be improved."
"Due to the fact that, with our software developer life cycle, we don't need to scan our source code every day or every week. For that reason, we find the cost is too high. We might only actually use it five to ten times a year, which makes it expensive."
"The solution must provide more open APIs."
"Black Duck can improve the time it takes for a scan. Most of the time it's not ideal when integrated with the live DevSecOps pipeline. We have to create a separate job to scan the library because it takes a couple of hours to scan all those libraries. The scanning could be faster."
 

Pricing and Cost Advice

Information not available
"The price charged by Black Duck is exorbitant."
"Depending on the use case, the cost could range from $10,000 USD to $70,000 USD."
"The pricing is a little high."
"It is expensive."
"I rate the product's price one on a scale of one to ten, where one is a high price, and ten is a low price."
"The price is low. It's not an expensive solution."
"Black Duck is more suitable if you require a lot of licensing compliance. For smaller organizations, WhiteSource is better because its pricing policies are not really suitable for huge organizations."
"The price is quite high because the behavior of the software during the scan is similar to competing products."
report
Use our free recommendation engine to learn which Software Composition Analysis (SCA) solutions are best for your needs.
814,763 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
22%
Financial Services Firm
10%
Manufacturing Company
9%
Comms Service Provider
9%
Financial Services Firm
21%
Manufacturing Company
16%
Computer Software Company
14%
Healthcare Company
4%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

What do you like most about Apiiro?
Apiiro's secrets detection feature has saved us several times, which we appreciate greatly.
What is your experience regarding pricing and costs for Apiiro?
My understanding is the pricing is pretty competitive.
What needs improvement with Apiiro?
Apiiro recently integrated SaaS, and we would love to see them expand on that. They provide many integrations to different products, including SaaS products such as Snyk. Ideally, Apiiro would incl...
How does WhiteSource compare with Black Duck?
We researched Black Duck but ultimately chose WhiteSource when looking for an application security tool. WhiteSource is a software solution that enables agile open source security and license compl...
What do you like most about Black Duck?
The cloud option of the product is always available and a positive aspect of the solution.
What is your experience regarding pricing and costs for Black Duck?
The price charged by Black Duck is exorbitant. For the features provided by the product, I would not want to pay a high price. There are many other products in the market that offer better features...
 

Comparisons

 

Also Known As

Apiiro Control Plane (ASOC), Apiiro API Security (SAST), Apiiro Open Source (SCA)
Blackduck Hub, Black Duck Protex, Black Duck Security Checker
 

Learn More

 

Overview

 

Sample Customers

Morgan Stanley, Rakuten, Jack Henry, SoFi, Colgate, Navan
Samsung, Siemens, ScienceLogic, BryterCX, Dynatrace
Find out what your peers are saying about Apiiro vs. Black Duck and other solutions. Updated: October 2024.
814,763 professionals have used our research since 2012.