The report evaluates 18 vendors based on their vision and execution capabilities, highlighting the critical role of automated security enforcement in meeting modern government mandates like the EU Cyber Resilience Act. According to Gartner, the growing complexity of software ingredients poses risks that extend from individual enterprises to society at large, necessitating more robust visibility into development processes.
Black Duck Named Leader in Inaugural Gartner Magic Quadrant for SSCS
Software supply chain security has transitioned into a board-level imperative as regulatory pressures and the rapid integration of artificial intelligence complicate digital infrastructure. In response to this shifting landscape, Burlington-based Black Duck has been named a Leader in the inaugural 2026 Gartner Magic Quadrant for Software Supply Chain Security.

Black Duck CEO Greg Hughes attributes the company's market position to its integration of AI across its existing platform, which combines long-standing domain expertise with automated vulnerability management. Over the past year, the firm has deployed several specific innovations to address these risks. These include AI Model Risk Insights for managing open-source and hybrid AI models, and risk-based vulnerability prioritization that filters noise by analyzing exploitability across binaries, containers, and source code. Furthermore, the company has implemented AI-driven dependency remediation that utilizes large language models to generate patches, as well as enhanced SBOM lifecycle management to support regulatory alignment with standards like CSAF 2.0.



