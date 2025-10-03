Black Duck® SCA is a multifactor open source scanning technology that provides the most complete and accurate view of open source in applications and containers. Our open source detection combines build process monitoring and file system scanning to track all open source in use, including components most solutions miss.

Black Duck is now making it easier for users to secure the software supply chain with an update to its SBOM export utility. The utility exports SPDX 2.2 and ISO standard ISO/IEC 5962:2021, which populates the fields necessary to comply with NIST standards, as referenced in Executive Order 14028.

