We are proud to announce that Black Duck Polaris™ Platform has achieved full Texas Risk and Authorization Management Program (TX-RAMP) certification, a meaningful milestone that reflects our ongoing commitment to serving state, local, and federal government organizations with the security tools they need to protect their software supply chains.
TX-RAMP is the state of Texas's official framework for authorizing cloud-based technology products for use by Texas state agencies, public universities, and community colleges. For any SaaS-based product operating in Texas, TX-RAMP certification is not just a credential, it is a prerequisite. State agencies, particularly those evaluating cloud-native security solutions, increasingly require it as a baseline condition before meaningful procurement conversations can even begin.
The framework is built around rigorous security controls that align to both the Texas Cybersecurity Framework and MITRE ATT&CK Framework. Together, these two standards give Texas agencies a comprehensive security posture—a reactive, risk-management foundation layered with proactive, threat-informed defense. By choosing a TX-RAMP-certified platform from Black Duck, public sector teams gain confidence that the tools they rely on meet Texas standards.
Built on a foundation of trust, Black Duck's path to TX-RAMP certification was grounded in years of investment in enterprise-grade security practices. TX-RAMP and FedRAMP share significant alignment in their controls and requirements, which is precisely why FedRAMP-oriented organizations receive reciprocity under the TX-RAMP program. Because we have been building toward FedRAMP readiness for years, including achieving SOC 2 Type 2 compliance, we were well positioned to earn TX-RAMP certification.
This is not a certification we pursued in isolation. It reflects a deliberate, sustained investment in the infrastructure, controls, and processes needed to meet the standards of the most regulated environments in the country.
Polaris is a cloud-native application security testing platform that unifies static application security testing (SAST), software composition analysis (SCA), and dynamic application security testing (DAST) in a single service. It also generates Software Bills of Materials (SBOMs) in both SPDX and CycloneDX formats, supporting the growing federal and state requirements for software supply chain transparency.
Black Duck placed highest for Ability to Execute in the 2025 Gartner® Magic Quadrant™ for Application Security Testing. With TX-RAMP certification now in place, public sector software teams across Texas can access the same unified, enterprise-grade security testing platform that commercial development organizations already rely on.
TX-RAMP certification is a significant milestone, but it is also part of something bigger. It reflects our commitment to meeting government and public sector customers where they are, and to building the trust required to serve them well.
We are actively pursuing FedRAMP Moderate authorization for Polaris, with a federal environment being built on Google Cloud and authorization targeted for 2027. FedRAMP Moderate authorization fulfills the requirements for full TX-RAMP Level 2 certification through the program's recognized equivalency path. This means our federal and state security investments reinforce one another at every step.
This TX-RAMP certification is how we demonstrate, in concrete terms, that Black Duck is committed to the public sector for the long term. Whether you are a Texas state agency, a public university, or a federal team planning ahead, Polaris is being built to meet your requirements—today, and as those requirements grow.
With full TX-RAMP certification in hand, Texas state agencies, counties, cities, community colleges, and public universities can now move forward with confidence in procuring and deploying Polaris. There is no longer a waiting period or workaround; Polaris meets the standard required for cloud product adoption across Texas government.
If you are evaluating application security solutions and need a platform that meets TX-RAMP requirements while positioning your organization for the broader demands of federal compliance, we would welcome the opportunity to connect.
To verify Black Duck's TX-RAMP certification status, visit the official TX-RAMP certified products registry.
Apr 14, 2026 | 8 min read
Mar 31, 2026 | 4 min read
Feb 05, 2026 | 6 min read
Jan 22, 2026 | 3 min read
Dec 16, 2025 | 4 min read
Oct 08, 2025 | 6 min read