About Black Duck Continuous Dynamic

If you prefer to view/print this section in PDF format, click: Continuous Dynamic Service Definition. This particular page is excluded, as it is discussed in greater detail in the Service Definition pages.

Black Duck® Continuous Dynamic™ (formerly WhiteHat Dynamic) is a Software-as-a-Service (SaaS) platform that provides application security across the entire software development lifecycle (SDLC). Using advanced scanning technology, Black Duck Threat Research Center engineers accurately identify your vulnerabilities and provide the information that you need to understand, prioritize, and mitigate or remediate your vulnerabilities.

Projects in development can be analyzed with Sentinel Source even before the code is compiled. You provide Sentinel Source with the repository information needed and Sentinel Source will scan your source code or your binaries. Sentinel Source then provides you with detailed vulnerability information, including the implicated code snippets, an explanation of the problem, and recommendations for remediation. You can also enable 'Directed Remediation' and receive specific code designed to fix your vulnerability.

Projects in pre-production or production can also have their code analyzed with Sentinel Source. Additionally, once a project is in pre-production or production, you can use the highly scalable Software-as-a-Service platform Continuous Dynamic for Dynamic Application Security Testing (DAST) to accurately identify vulnerabilities in your sites and web applications. Continuous Dynamic provides:

  • Continuous, concurrent assessments

  • Verified, actionable results

  • Unlimited access to security experts

  • Reporting and intelligence metrics to support business risk management

You provide Continuous Dynamic with the URL(s) for the site and web applications, the appropriate credential(s), and a schedule of permitted scanning periods. In return, Continuous Dynamic will provide you with detailed vulnerability information, including an explanation of the vulnerability / vulnerability class and recommendations for remediation. There are several service levels in Continuous Dynamic, which are appropriate for different types of sites/applications and/or purposes.

With both Sentinel Source and Continuous Dynamic, you will have direct access to Threat Research Center engineers to respond to any questions about the vulnerability, the associated risks, and how it can be remediated.