The First Decade – Open Source License Compliance and Governance
Black Duck Software was founded in 2003 by Doug Levin, a visionary technologist who recognized that software developers growing use of open source code would result in licensing and compliance issues for their companies.
Black Duck Protex quickly became the leading solution for managing open source code compliance, integrating with existing development tools to automatically scan, identify and inventory open source software.
Black Duck On Demand Open Source Audit services are recognized today as the industry standard for companies involved in merger and acquisition (M&A) transactions who need to quickly find open source software and associated licenses and obligations.
SAP, Oracle, Facebook Yahoo, Samsung, Intel and Qualcomm were early adopters of Black Duck solutions to manage their open source compliance and governance obligations.
Black Duck Today – Managing Open Source Security Risks
Lou Shipley joined Black Duck as CEO in late 2013. Over the last 25 years Lou has held leadership roles in several successful private and public Massachusetts companies, including Avid and VMTurbo. With open source adoption exploding over the past decade, Lou saw an opportunity for Black Duck to expand its solutions portfolio and meet the need for organizations to manage open source security as well as license compliance risks.
In 2015 Black Duck shipped a new, open source security-focused product, the Black Duck Hub. The Hub allows organizations to identify all open source in use and quickly gain visibility into any known open source security vulnerabilities as well as compliance issues in their code.
The Hub quickly garnered market acceptance, winning the 2015 Massachusetts Technology Leadership Council (MassTLC) award for most innovative new product in security.
As well as its license compliance and M&A due diligence solutions, Black Duck now offers a full portfolio of application and Docker container security products and services.
Strategic partnerships with Hewlett Packard Enterprise, IBM and Red Hat are extending Black Duck’s reach in helping companies gain the enormous productivity leverage that well-managed and secure open source software enables. HPE Security Fortify Software Security Center (SSC) integrated Black Duck Hub, enabling organizations to have comprehensive visibility into their security risk for both open source and custom code. IBM, a global leader in security software, recognized the Black Duck Hub’s complementary value and has integrated it into its IBM Security AppScan product. Red Hat is partnering with Black Duck to deliver a secure model for enterprise use of Linux containers.