Case Study: Avira achieves scalable open-source security and maintains DevOps velocity with Synopsys Black Duck

Addressing Open Source Security While Maintaining DevOps Velocity

Avira, a long-established security, privacy, and performance software provider, faced a growing challenge: widespread use of open source components, increasing product complexity, and market regulations had outpaced its manual, siloed compliance processes (Confluence/Jira and custom Python scripts), making it difficult to manage open source vulnerabilities at the speed of its DevOps pipeline.

To solve this, Avira rolled out Synopsys Black Duck SCA across all development teams, integrating frequent scans into every master and release build to automate license and vulnerability management. The deployment embedded open source security into development workflows, removed manual efforts, improved scalability, raised awareness across teams (including better developer–legal communication), and strengthened Avira’s overall security posture.

Avira

Marian Schneider

Information Security Officer