Black Duck Hub
14-Day Trial

Black Duck Software Acquires SpikeSource; Range of Technologies Including Cloud-based Component Identification Will Enhance Black Duck’s Ohloh Initiative

Market-leading Growth Fuels Additional Acquisitions; Supports FOSS Adoption by Expanding Tools and Access to FOSS Projects

WALTHAM, Mass., November 16, 2010 - Black Duck Software, the leading global provider of products and services for accelerating application development through the managed use of open source software, today announced it has acquired the assets of privately-held SpikeSource, a provider of software tools and services to automate application component identification and assess security vulnerability. Terms of the deal were not disclosed.

The acquisition, Black Duck’s third and its second in three months, follows closely on the heels of the acquisition of, the largest free public directory of open source software and a vibrant web community of software developers and Free and Open Source (FOSS) users. Both acquisitions reflect Black Duck’s accelerating growth trajectory - the company is currently growing 58% year-over-year in FY 2010 - and also furthers Black Duck’s mission to promote FOSS adoption by making it easier for developers to take advantage of the growing body of high-quality code in FOSS projects.

Among the technologies acquired was SpikeInsight, a cloud-based offering for automated application component identification and security vulnerability assessment; SpikeForge, a forge comprised of 17 open source projects; the Developer Community Forum, a group of forums associated with SpikeSource OSS projects, virtualization management technology, and a number of other software assets.

Black Duck’s Ohloh site is language and forge-neutral, and the company will work with SpikeForge project managers to migrate FOSS projects currently hosted on SpikeForge, such as the extremely popular testgen4web testing tool, to independent forges.

"Our growth enables us to make acquisitions that increase the value of our offerings to our customers, while benefitting the FOSS community by making it easier for developers to find and use open source," said Tim Yeaton, CEO and President, Black Duck Software. "Both the SpikeSource and Ohloh acquisitions continue our transformation from compliance tool provider to full life-cycle open source enabler, community participant and FOSS advocate."

Black Duck will use technology from the acquisition to complement the Black Duck Suite, an advanced enterprise-class solution to the management, compliance and security challenges associated with FOSS use at scale in enterprise application development. SpikeSource’s Solution Analyzer helps developers understand what's in an application through binary scanning and connects to SpikeInsight, a cloud-based service providing guidance on compliance, compatibility and remediation issues.

“SpikeSource is a tremendous set of technologies and a natural fit with Black Duck Software,” said Ray Lane, Managing Partner, Kleiner Perkins Caufield & Byers, and a member of the SpikeSource Board of Directors. “SpikeSource’s technologies complement those of Black Duck, and together create a compelling range of capabilities to help manage the use of open source software by development organizations.”

"We see demand for open source growing geometrically with the pressures of a volatile economy and highly constrained IT resources," said Melinda Ballou, Program Director for Application Lifecycle Management Service at International Data Corp. "This SpikeSource acquisition augments Black Duck's strong existing capabilities for open source management as organizations must increasingly be able to find, access and manage OSS securely. The combined products resulting from this – in addition to and the company's prior portfolio -- enable a highly differentiated open source offering for Black Duck."

Specifics regarding Black Duck’s strategy for SpikeSource technologies will be communicated as part of the rollout of the Ohloh initiative and enhanced website.

About Black Duck Software
Black Duck Software is the leading provider of products and services for automating the management, governance and secure use of open source software, at enterprise scale, in a multi-source development process. Black Duck™ enables companies to shorten time-to-solution and reduce development costs while mitigating the management, compliance and security challenges associated with open source software. Black Duck Software powers, the industry’s leading code search engine for open source, and is among the 500 largest software companies in the world, according to The company is headquartered near Boston and has offices in San Mateo, California, London, Paris, Frankfurt, Hong Kong, Tokyo and Beijing.

Black Duck, Know Your Code and the Black Duck logo are registered trademarks of Black Duck Software, Inc. in the United States and other jurisdictions. Koders is a trademark of Black Duck Software, Inc. All other trademarks are the property of their respective holders.

Press Contacts

Peter Vescuso
Black Duck Software
+1 781-891-5100

Ann Dalrymple
+1 781-404-2432

Latest Tweets

Black Duck Software (54 minutes ago)
Great post on @ibmsecurity - Custom & #OpenSource Code: A New Approach to Application Security Management #appsec
Black Duck Software (1 hour ago)
RT @guardiantech: White House seeks its first ever chief information security officer
Black Duck Software (2 hours ago)
Concerned about #appsec & its intersection w/ #opensource? Join us & @ibmsecurity educational webinar 2/18 @ 11AM ET
Black Duck Software (2 hours ago)
.@eWEEKNews Great slideshow, #ICYMI 10 Mistakes to Avoid to Make #OpenSource More Secure
Black Duck Software (3 hours ago)
Interesting: Why You Should Be Concerned About The Cybersecurity Information Sharing Act @TechCrunch #CISA #security

Black Duck Software
800 District Ave.
Burlington, MA 01803

Contact Us

Legal Notices | Privacy Policy | Site map
Open Source Delivers | Open HUB