Case Study: Blue Yonder achieves an extended secure SDLC and comprehensive open-source security and compliance with Synopsys Black Duck SCA

Extending a Secure SDLC to Remediate Open Source Security Issues

Blue Yonder, a $1B+ global leader in supply chain software with more than 100 applications and thousands of open source components, struggled to inventory and manage OSS across its portfolio. Without an accurate bill of materials or automated tracking, the company couldn’t reliably find or patch vulnerabilities or ensure license compliance, exposing products and customers to security and IP risk.

Blue Yonder deployed Synopsys Black Duck Code Center and Black Duck SCA, integrated into CI/CD pipelines and Jira to automate component approval, policy enforcement, and remediation tracking. The result was accurate BOMs for every product, enforced open source policies, streamlined remediation workflows and release gating, and greater assurance that products ship without known license risks or high‑severity security issues.

Blue Yonder

Meghan Caudill

Project Manager