GitHub Action
Black Duck Security Scan
v2.0.0
Latest version
Black Duck Security Action allows you to integrate Static Analysis Security Testing (SAST) and Software Composition Analysis (SCA) into your CI/CD pipelines. Black Duck Security Action leverages Bridge-CLI, a foundational piece of technology that has built-in knowledge of how to run all major black duck security testing solutions, plus common workflows for platforms like GitHub.
To use Black Duck Security Action, please follow the steps below:
- Configure GitHub as described in the GitHub Prerequisites page.
- Install and configure Black Duck Security Action for the Black Duck product you are using.
Polaris
Black Duck
Coverity - For additional configuration options, visit the Additional GitHub Configuration page.
As an alternative to Black Duck Security Action, you also have the option to use Bridge CLI.
Detailed documentation for Bridge CLI can be found here.