BlackDuck scanning is simple if you get it to working; however, getting to work with BlackDuck is a big challenge.
For condo scanning, the source directory is where you have installed your conda and you need to have environment.yml file for it to detect conda detector.
References:
- CVE org site: https://www.cve.org
- CVSS calculator : https://nvd.nist.gov/vuln-metrics/cvss
- Conda Scanning Environment Setup:https://community.synopsys.com/s/article/Scanning-Conda-environments-results-in-no-packages-being-found
- Detect Air Gap Mode https://synopsys.atlassian.net/wiki/spaces/IA/pages/1562443911/Air+Gap+Mode+6.9.0
- Air Gap Mode document: https://community.synopsys.com/s/document-item?bundleId=integrations-detect&topicId=downloadingandrunning%2Fairgap.html&_LANG=enus
- Air Gap Advance Mode – https://blackducksoftware.github.io/synopsys-detect/6.2.0/advanced/air-gap/
- Github Synopsys detect: https://github.com/blackducksoftware/synopsys-detect
- Github Synopsys Hub REST API for python:https://github.com/blackducksoftware/hub-rest-api-python
- Jenkins Plugin for Blackduck: https://synopsys.atlassian.net/wiki/spaces/INTDOCS/pages/622779/CI+CD+Jenkins
- Blackduck hub setup – https://blackducksoftware.github.io/blackduck-docker-inspector/latest/overview/
- Blackduck Software Github – https://github.com/blackducksoftware