-
Black Duck Binary Analysis: How to create a Vendor Vulnerability
-
Course Complete!
Black Duck Binary Analysis: How to create a Vendor Vulnerability
BDBA offers the ability to add custom vulnerabilities to both proprietary and OSS components, and this course shows how to create them.
Black Duck Binary Analysis offers the ability to add vulnerabilities to either your own proprietary components or existing OSS components by using CPE. This feature is especially useful when your organization has either proprietary components you are using in your code base and you wish to keep track of the vulnerabilities in them, or when you have detected vulnerabilities from open source components that are specific to your usage.
You can add multiple different vulnerabilities to the database, and give unique vulnerability IDs for each vulnerability. You can also determine a CVSSv2/v3 equivalent score to your own vulnerability.
Environment:
Black Duck Binary Analysis 2023.09 or newer
Users: Power user, User, Basic user
Hosted or Appliance
Keywords: Learning, elearning, e-learning, course, ecourse, e-course, training, e-training, self-paced, Vendor, Vulnerability, CPE, Common Platform Enumeration, Custom, CVSS