Worried about open source vulnerabilities in your project?
Your Black Duck CoPilot has you covered.
CoPilot harnesses the power of Black Duck Hub to give you insight into the open source components used by your project, as well as the vulnerabilities that have been reported against them, so you can find and fix them before users or hackers do.
CoPilot currently supports the following development platforms in any combination. If your favorite platforms aren't listed please check back, as we are planning on expanding our support. If you would like to make a suggestion about future platform support please let us know on our forum.
Source Repositories
  • GitHub
Build Tools
  • Gradle
  • Maven
  • Maven Wrapper
  • Scala Build Tool
  • NuGet
  • pip
CI Systems
  • Travis CI
  • Circle CI
  • AppVeyor
Get a complete listing of your project's open source dependencies
Get security risk information for dependencies, branches, and pull requests
Know if you are adding vulnerabilities before you merge
You and your community work hard to grow your user base by delivering high quality software and cool new features. But all that effort can be wasted if users find security vulnerabilities in your code.

With Black Duck as your CoPilot you can avoid security mistakes and poor component choices. Fast, free and directly integrated with GitHub, Black Duck CoPilot quietly supports you so you can focus on creating great software.
Request Beta Access

Thank you for your interest in CoPilot!
We're currently in beta testing. If you would like to start using CoPilot early and help us make it a better service, request access to the beta below!

Request GitHub Beta Access