diff --git a/.ci/blackduck_source.sh b/.ci/blackduck_source.sh
index 1282da29e..6ecca5474 100755
--- a/.ci/blackduck_source.sh
+++ b/.ci/blackduck_source.sh
@@ -26,7 +26,7 @@ echo "     VERSION: ${PROJECT_VERSION}"
 echo "    SRC_PATH: ${PROJECT_SRC_PATH}"
 
 [[ -d /tmp/blackduck ]] && rm -rf /tmp/blackduck
-sudo -u swx-jenkins git clone -c core.sshCommand="ssh -i ~/.ssh/id_ed25519" -b master --single-branch --depth=1 ssh://git-nbu.nvidia.com:12023/DevOps/Tools/blackduck /tmp/blackduck
+git clone -c core.sshCommand="ssh -i ~/.ssh/id_ed25519" -b master --single-branch --depth=1 ssh://git-nbu.nvidia.com:12023/DevOps/Tools/blackduck /tmp/blackduck
 cd /tmp/blackduck
 
 # disable check errors
diff --git a/.ci/opensource_jjb.yaml b/.ci/opensource_jjb.yaml
index 2863afc20..8a9f1af6b 100644
--- a/.ci/opensource_jjb.yaml
+++ b/.ci/opensource_jjb.yaml
@@ -107,7 +107,7 @@
             description: "Collect artifacts."
         - bool:
             name: "do_blackduck"
-            default: true
+            default: false
             description: "Run BlackDuck."
         - bool:
             name: "do_copyrights"
diff --git a/.ci/pipeline/release_jjb.yaml b/.ci/pipeline/release_jjb.yaml
index 9247f91c3..a90d521be 100644
--- a/.ci/pipeline/release_jjb.yaml
+++ b/.ci/pipeline/release_jjb.yaml
@@ -39,6 +39,10 @@
             name: "do_antivirus"
             default: true
             description: "Run Antivirus."
+        - bool:
+            name: "do_blackduck"
+            default: true
+            description: "Run BlackDuck."
         - string:
             name: "notification_email"
             default: "{jjb_release_email}"
@@ -47,7 +51,7 @@
             name: "conf_file"
             default: ".ci/pipeline/release_matrix_job.yaml"
             description: "job config file. Do not change it"
-        - bool: 
+        - bool:
             name: "do_dr_build"
             default: false
             description: "Build DR weekly"
diff --git a/.ci/pipeline/release_matrix_job.yaml b/.ci/pipeline/release_matrix_job.yaml
index fb69b83a6..8720ade87 100644
--- a/.ci/pipeline/release_matrix_job.yaml
+++ b/.ci/pipeline/release_matrix_job.yaml
@@ -17,6 +17,9 @@ kubernetes:
       nodeSelector: 'kubernetes.io/arch=amd64'
       jnlpImage: 'nbu-harbor.gtm.nvidia.com/toolbox/c3po-jnlp:latest'
 
+credentials:
+  - {credentialsId: 'blackduck_api_token', type: 'string', variable: 'BLACKDUCK_API_TOKEN'}
+
 env:
   MAIL_FROM: jenkins@nvidia.com
 
@@ -40,10 +43,23 @@ runs_on_dockers:
       runAsUser: '6213',
       runAsGroup: '101'
     }
+  - {
+     file: '.ci/dockerfiles/Dockerfile.rhel8.6',
+     arch: 'x86_64',
+     name: 'xlio_static.bduck',
+     uri: '$arch/$name',
+     tag: '20250418',
+     build_args: '--no-cache --target bduck',
+     category: 'tool',
+     runAsUser: '6213',
+     runAsGroup: '101'
+    }
 
 steps:
   - name: Build-dpcp
     parallel: false
+    containerSelector:
+      - "{name: 'rhel8.6'}"
     run: |
       git clone https://github.com/Mellanox/libdpcp.git libdpcp
       cd libdpcp
@@ -51,6 +67,8 @@ steps:
 
   - name: Release
     parallel: false
+    containerSelector:
+      - "{name: 'rhel8.6'}"
     run: |
       if ${do_dr_build}; then
         git checkout tags/${release_tag}
@@ -64,6 +82,16 @@ steps:
       env WORKSPACE=$PWD .ci/antivirus.sh
     archiveArtifacts: 'logs/'
 
+  - name: Blackduck
+    enable: ${do_blackduck}
+    parallel: false
+    containerSelector:
+      - "{name: 'xlio_static.bduck', category:'tool'}"
+    run: |
+        .ci/blackduck_source.sh
+    archiveArtifacts: 'logs/'
+    credentialsId: 'blackduck_api_token'
+
 pipeline_start:
     shell: action
     module: groovy