Black Duck Expands Polaris Integrations to Deliver Frictionless DevSecOps at Enterprise Scale

Enhanced SCM integrations streamline automated repo onboarding, continuous monitoring, and event-based scanning across GitHub, GitLab, Azure DevOps, and Bitbucket

Black Duck, the leader in AI-powered application security, announced the immediate availability of a powerful set of enhanced Black Duck Polaris™ Platform integrations across all major source code management (SCM) platforms, including GitHub, GitLab, Azure DevOps, and Bitbucket. The Polaris Platform is an integrated, software-as-a-service application security platform powered by the industry’s leading static application security testing, software composition analysis, and dynamic application security testing engines.

With development teams managing an explosion of human and AI-generated code and increasingly distributed development environments, manual onboarding and fragmented security tools create serious coverage gaps. These enhanced Polaris capabilities enable organizations to achieve unprecedented speed, coverage, and automation in securing their applications at scale.

Designed for enterprises managing hundreds and even thousands of code repositories across globally distributed teams, these integrations dramatically simplify onboarding, accelerate scanning workflows, and seamlessly embed security into day-to-day development activities. Together, these enhancements reduce administrative overhead, eliminate manual configuration, and ensure continuous coverage for fast-changing codebases.

Key Features and Benefits:

  • Unified coverage across all major SCMs. Whether teams use GitHub, GitLab, Azure DevOps, Bitbucket, or a mix of all four, the natively built integration with the Polaris Platform provides a consistent, unified security experience, not a scripted add-on.
  • Instant onboarding for thousands of repositories. Organizations can automatically onboard and continuously synchronize Polaris with every repository in their SCMs without the need for manual configuration.
  • Continuous monitoring of repository changes. New repositories, renamed projects, branch creation, and other structural changes are detected instantly, ensuring security coverage always remains current and complete.
  • Trigger scans on key development events. Polaris scans can be triggered automatically when a pull request is created/updated or before it is merged, allowing developers to catch and fix vulnerabilities during their normal code review process, so that vulnerabilities are addressed earlier in the SDLC.
  • Apply AI‑powered application security with Black Duck Signal™. Scans can be enabled directly in the IDE or automated through CI/CD, all centrally managed in Polaris. Signal surfaces meaningful security insights in both human‑ and AI‑generated code, helping teams stop vulnerabilities before code is committed.
  • Extend security and AI insights directly to the developer’s desktop with Code Sight™. This IDE plugin triggers Polaris scans—manually or automatically—while developers code. Combined with Black Duck Assist’s AI‑driven guidance and remediation, developers get immediate, actionable feedback, reducing friction and preventing rework later in the lifecycle.
  • Customizable scanning with full or rapid analysis. Teams can choose between deep, comprehensive scanning or ultrafast rapid analysis based on the context of each workflow.
  • Seamless integration into developer workflows. Security findings surface directly inside pull requests, enabling developers to fix issues in real time—without switching tools or breaking flow.
  • Instant policy onboarding. Enterprise security policies and guardrails can be enabled with a single click, ensuring consistent enforcement across thousands of repositories.
  • Instant user onboarding. Teams, roles, and access controls synchronize automatically, reducing administrative overhead and accelerating time to value.

“Today’s enterprises are orchestrating software projects across hundreds and thousands of source code repositories in the race to adopt AI in production,” said Dipto Chakravarty, Chief Product and Technology Officer at Black Duck. “Development and Security teams need application security that is integrated, automated, and frictionless across their platforms and code repositories. No other solution combines the breadth of SCM platform support with universal event and policy-based automation, and the depth of analysis and agentic AI scalability provided by the Black Duck Polaris Platform. This is a game changer for operating DevSecOps at enterprise scale.”
