Black Duck Software Adds Binary Analysis Tool Integration to Protex Solution
Protex Binary Analysis Tool integration offers deeper analysis of custom binaries that may include open source code carrying additional license obligations
BURLINGTON, MA (July 16, 2015) - Black Duck Software, a global leader in securing and managing open source software, today announced new deep binary analysis capabilities added to Protex, its industry-leading solution for managing open source compliance.
Protex helps organizations understand which licenses govern the modification, use and distribution of open source binaries and source code in their code base. Building on Protex’s license-compliance capabilities, Protex Binary Analysis Tool integration offers deeper analysis of custom binaries that may include open source code carrying additional license obligations and restrictions.
Companies have the complex task of shipping legally compliant software, often without always knowing the origin of code they embed from suppliers. While suppliers are asked to provide a list of open source software used and associated licenses, companies need to verify the accuracy of the reported information to fully protect their intellectual property.
However, because code is often only provided in binary form, it is challenging both to verify what specific open source software is in use, and to identify the associated licenses and obligations. This lack of information can expose organizations to potentially costly and time-consuming legal risks, jeopardizing their software assets.
The Binary Analysis Tool (BAT) is open source software created by Tjaldur Software Governance Solutions. BAT analyzes data from more than 30 types of compressed files, file systems, installers, etc., to identify use of open source software.
The Protex BAT Integration offers customers not only access to the Black Duck’s KnowledgeBase which has more than 1.2 million open source projects and licensing data, but also an additional BAT KnowledgeBase with compliance data on 200,000 open source binary packages. Together, Protex and its integration with BAT yields a complete picture of open source software usage and associated license compliance risk on both source code and binary files – in a single view.
“Companies in software supply chains are increasing their awareness of license compliance issues in their suppliers’ code to avoid costly litigation. The Protex Binary Analysis Tool integration combines the power of the Binary Analysis Tool with Protex to provide supply chains with a way to look at both their source code and their binaries to ensure they are shipping without any license issues,” says Armijn Hemel, owner of Tjaldur Software Governance Solutions, and founder of the Binary Analysis project.
About Black Duck Software
Organizations worldwide use Black Duck Software’s industry-leading products to secure and manage Open Source Software, eliminating the pain related to security vulnerabilities, compliance, and operational risk. Black Duck is headquartered along the Massachusetts Technology Corridor in Burlington, MA and has offices in San Mateo, CA, London, Paris, Frankfurt, Hong Kong, Tokyo, Seoul, and Beijing. For more information visit www.blackducksoftware.com.
Katelyn Campbell, 617-502-4300
Brian Carter, Director Strategic Communications