A Black Duck Case Study
A global bank with 10,000 developers producing over 5,000 builds per day relied heavily on open source but faced rising operational and security risks after high-profile breaches prompted a policy review. Developers lacked a consistent way to evaluate and choose among millions of OSS projects, which led to vulnerable code, version proliferation, slow development, and lengthy manual approval processes that threatened productivity and regulatory compliance.
The bank implemented Black Duck to automate continuous scanning, produce open source bills of materials, integrate with build and lifecycle tools, and centralize an approved-component catalog and workflow. Approval times dropped from weeks to hours, issues are now reported and triaged automatically, and daily vulnerability alerts plus learning-driven automation reduced manual reviews. The result was lower issue volume, stronger compliance, significant cost savings, and greater development agility, while protecting the bank's risk-management reputation.
Global Financial Services Firm