NOTE: If you are currently using the old Synopsys Security Scan extension, please follow these instructions to migrate from Synopsys Security Scan extension to this new Black Duck Security Scan extension.
Black Duck Security Scan Extension for Azure DevOps enables you to configure your Azure pipeline to run Black Duck security testing and take action on the results. Black Duck Security Scan leverages Bridge CLI, allowing you to run tests for several Black Duck products from the command line.
To use Black Duck Security Scan, please follow the steps below:
- Configure Azure DevOps as described in the Azure Prerequisites page.
- Install and configure Black Duck Security Scan for the Black Duck product you are using.
Polaris
Black Duck SCA
Coverity - For additional configuration options, visit the Additional Azure Configuration page.
As an alternative to Black Duck Security Scan, you also have the option to use Bridge CLI.
Detailed documentation for Bridge CLI can be found here.