Legal

Ensure Open Source Compliance

Internal counsels are facing new governance and compliance challenges due the growing popularity of open source software (OSS). It is easy for developers to download OSS from the Internet for free and circumvent formal procurement processes, causing them to overlook important license obligations.  

Additionally, Gartner predicts that through 2015, less than 50% of IT organizations will have effective open source governance programs in place. The fact that software is invisible makes it difficult for internal legal teams to control and track where and how it is used and, therefore, difficult to ensure governance and compliance. 

Adding to these challenges is the fact that open source license management can be complex. For example, some lawyers think that all open source licensing is represented by the GPL, but Black Duck tracks over 2,000 open source licenses, each with their own compliance specifications. To fully realize the benefits of open source while ensuring compliance, many organizations need an expert partner to help implement governance programs that include:

  • Explicit policies that explain the rules and guidelines for internal OSS use as well as how code can be contributed back to the broader open source community
  • Training for all appropriate employees including developers, legal and risk teams, security personnel, and procurement departments
  • A technology platform that allows for visibility and control of software assets

Black Duck Solutions

No matter where your organization falls in the open source adoption lifecycle, Black Duck has an oss logistics servicesolution or product that will address your unique program needs and help you meet your business goals. 

Black Duck is the most trusted partner for developing customized open source policies that leverage the power of OSS for an organization's long-term success. Black Duck Consulting, a division of Black Duck, will help you evaluate open source technologies and methods and develop a governance policy that addresses your full range of OSS needs.

The Black Duck® Suite is a comprehensive set of governance and compliance automation tools that enable development organizations to harness the power of open source technologies and methods. 

Black Duck’s audit services provide you with a quick, cost effective way to obtain the essential information required for making good business decisions. Additionally, audit services tailored specifically for M&A due diligence provide fast, secure, simple and thorough analyses of software intellectual property assets. 

open source governance and compliance services model

Latest Tweets

Black Duck Software (5 hours ago)
Highlights from #OSCON: News, Keynotes, and Tweets You May Have Missed | Open Source Delivers http://t.co/t00zkgSyzU
Black Duck Software (7 hours ago)
RT @MBACorpCounsel: 5 Steps to Ensuring Compliance in the Software #SupplyChain: The Harman Case Study http://t.co/8uC94rNI3N
Black Duck Software (8 hours ago)
RT @libbymclark: MakerBot Offers Lessons in Open Source Innovation with Linux http://t.co/e1reNNa0MZ via @linuxfoundation
Black Duck Software (9 hours ago)
Firefox OS-based Chromecast Competitor Coming Soon | @ostatic http://t.co/uSLLdR4sWV #FirefoxOS #Mozilla
Black Duck Software (10 hours ago)
RT @BostInno: Hiring in the Hub 7/17-7/24: HourlyNerd & Black Duck Software score new executives http://t.co/pZFOvkkhN5 @HourlyNerd @black…

Black Duck Software
8 New England Executive Park, Burlington, MA 01803

Contact Us

Legal Notices | Privacy Policy | Site map
Open Source Delivers | Ohloh | Open Source Think Tank