Black Duck Software (formerly known as Synopsys Software Integrity Group) is a company that develops software for composition analysis (SCA). It allows users to find and fix security issues, detect risks, build a software bill of materials (SBOM), monitor vulnerabilities, etc.