Black Duck Reports Record Revenues and Revenue Growth as well as Significant Increase in New Customers for First Half of 2017

Strategic partnerships, innovation investments, and 25 percent increase in headcount worldwide are accelerating momentum  

BURLINGTON, MA – August 2, 2017 – Black Duck, the global leader in automated solutions for securing and managing open source software, today reported record revenue and record revenue growth for the first half of 2017.

The company said new and add-on revenue from subscriptions to Black Duck Hub, its flagship open source security solution, grew by 77 percent in the first half of 2017 and subscription renewal rates for Hub were in the mid-90-percent range.

Black Duck had a 64 percent increase in new customers during 2016, and the company said it nearly matched the 2016 new-customer total in the first half of 2017. Notable customers added to the portfolio since January include HPE, Carbon Black, Exact Group BV, and Copper Leaf.

CEO Lou Shipley said the company expects overall revenue growth for 2017 will exceed 30 percent in 2017, up 50 percent from 2016.

“We’re encouraged by our first-half performance and we’re on track for an equally strong second half of 2017,” said Shipley.

"Open source software dominates application development today and organizations are increasingly recognizing the need for more effective open source security and management throughout their software development lifecycle. This drives demand for Hub because it helps reduce risk by addressing difficult open source security and management challenges without slowing development," Shipley said.

Black Duck highlighted other significant areas of momentum during the first half of 2017:

  • In February, Forrester Research published a report punctuating the importance of Software Composition Analysis (SCA) in helping enterprises “know” what’s in their code.  The report offered insights into the strategies and solutions available to gain visibility into open source software use and identified the vendors best positioned to help reduce security, management and IP risk.  Black Duck was alone in Forrester’s leader category.
  • “Building world-class partnerships is a major corporate goal for 2017,” said Shipley, “and we’re encouraged by the strategic partnerships we developed in the first half of this year.”

He said that as the software development and delivery process becomes increasingly complex – spanning AppDev, DevOps, SecDevOps, Containers, the Cloud and IoT – a strong ecosystem partnerships and technology integrations is vital. Black Duck has announced integrations or partnerships with Google, Red Hat, Microsoft, Atlassian, and Pivotal.

  • Black Duck’s global headcount has increased 25 percent from 281 to 350 employees worldwide since January. The company expanded the footprint of its Burlington, MA, headquarters in 2016 and Shipley said, “we’ve already outgrown the expansion space and we’ll add more in the coming months.”
  • The company introduced Hub in the first quarter of 2015 and Shipley said that significant investments in engineering, in research and in innovation over the last two years “have helped us deliver the product capabilities and functionality that have established us as a category leader. We’ll continue to invest heavily to maintain that leadership.”

In late 2016, the company established the Black Duck Center for Open Source Research and Innovation (COSRI) and two new groups in Belfast, Northern Ireland, and Vancouver, Canada, are conducting cutting-edge research in open source security vulnerability management, in data mining and in machine learning to drive product innovation. 

In April, COSRI released its landmark 2017 Open Source Security and Risk Analysis (OSSRA) detailing audit of more than 1,000 applications that showed significant cross-industry risks related to open source vulnerabilities and license-compliance challenges.

The COSRI report found high levels of open source usage – 96 percent of the audited applications contained open source – and significant risk to open source security vulnerabilities. More than 60 percent of the applications contained open source security vulnerabilities.

About Black Duck Software

Organizations worldwide use Black Duck Software’s industry-leading products to automate the processes of securing and managing open source software, eliminating the pain related to security vulnerabilities, open source license compliance and operational risk. Black Duck is headquartered in Burlington, MA, and has offices in San Jose, CA, London, Frankfurt, Hong Kong, Tokyo, Seoul and Beijing. For more information, visit

Media Contacts:
Black Duck Software
Brian Carter, Director, Global Media & Analyst Relations

PAN Communications
Michael O’Connell