Black Duck FAQs

Question 1

Which AI assistants are compatible with Black Duck?

Accepted Answer

Black Duck is designed to integrate with AI assistants that support the Model Context Protocol (MCP), including Claude Code (CLI & Desktop), Cursor, and VS Code.

Question 2

What is Black Duck and how does it integrate with AI assistants?

Accepted Answer

Black Duck enables AI assistants (like Claude, Cursor, and VS Code) to query component vulnerabilities and identify safe upgrade paths. It acts as an MCP server, connecting AI tools to Black Duck Software Composition Analysis (SCA) data.

Question 3

What are the core features of Black Duck for AI assistants?

Accepted Answer

Key features include searching the Global KnowledgeBase for components, listing component versions with vulnerability indicators, getting detailed CVE/BDSA data, and obtaining recommended short-term and long-term upgrade paths.

Question 4

How does Black Duck help with upgrade guidance?

Accepted Answer

It provides recommended short-term (patch) and long-term (major) upgrade paths directly from Black Duck's KnowledgeBase. For a given component and version, it can perform an end-to-end analysis to suggest the safest upgrade.

Question 5

What kind of vulnerability information can Black Duck provide?

Accepted Answer

Black Duck can search for software components, list versions with known vulnerabilities, and retrieve detailed CVE and BDSA information for specific component versions, including severity, CVSS scores, and descriptions.

Black Duck

Black Duck

主要功能

使用案例

主要功能

使用案例