Case Study: Íslandsbanki achieves unified open-source vulnerability management with Black Duck SCA

Managing & Mitigating Open Source Vulnerabilities with Black Duck SCA

Íslandsbanki, a longstanding Icelandic bank, faced growing difficulty tracking and managing open source components across containerized and traditional applications. Manual processes left developers burdened and the bank wanted an automated software composition analysis (SCA) capability in CI/CD to detect vulnerabilities early, halt risky deployments, and reduce remediation work during production.

The bank selected Black Duck SCA with Black Duck Security Advisories for its ability to scan both containers and standard deployments and to provide curated, prioritized vulnerability guidance. Integrated into Azure DevOps, Visual Studio, Docker and Kenna, Black Duck now scans every master build and pull request across six teams and 177 applications, giving development, operations and security teams a single, easy-to-use tool to manage and mitigate open source vulnerabilities.

Íslandsbanki

Finnur Örn Guðmundsson

Infrastructure Architect