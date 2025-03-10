NIST SP800-218

The Black Duck portfolio of tools and services helps organizations adhere to the recommendations included in the NIST Secure Software Development Framework (SSDF), especially those included in the “Produce Well-Secured Software (PW)” group. The Black Duck AppSec services team provides training, threat modeling, and architecture assessments to help determine risks to your software and design a solution that best mitigates those risks. Black Duck Static Analysis and SCA solutions provide automated testing of both proprietary and open source software code to identify vulnerabilities and their root causes early in the SDLC, along with detailed remediation guidance to remove issues and help prevent similar defects from being produced in the future.