Black Duck Hub
14-Day Trial




Automate Open Source Compliance

Know where and how your company is using open source software to avoid costly litigation

Black Duck Code Label Summarizes Open Source Code

Although open source software (OSS) is free, it comes with license obligations that must be met. Poor open source compliance can expose organizations to potentially costly and time-consuming legal risks, putting a company’s software assets in a vulnerable position.

Since developers are experts with code, not licenses, the compliant use of open source requires oversight and control.

Black Duck® Protex™ is the industry’s leading solution for managing open source compliance. Protex integrates with existing development tools to automatically scan, discover, and identify software origins, an integral step in the development process and essential for enforcing license compliance and corporate policy requirements.

As a highly scalable solution, Protex can support development teams of any size, whether co-located or geographically distributed, and can be deployed on premises or as software as a service (SaaS).


Protex helps you reduce business risks and complete software projects on-time and on-budget by automatically:


Scanning software contents


Identfying open source to create a Bill of Materials (BOM)


Uncovering potential license risks early in development


Identifying due diligence concerns in advance of code audits


Black Duck Protex Features

RAPID ID automates the
discovery and identification
of open source code

EXPRESS SCAN gives a high-level
snapshot of a code base in 80%
less time than industry standards

and custom CODE LABEL

Comprehensive license management
leveraging the

Seamless INTEGRATIONS with your
existing development ecosystem

Available as part of the



Building on Protex’s license compliance capabilities, the Protex Binary Analysis Tool (BAT) integration offers deeper, automated analysis of custom binaries that may contain open source software.BAT

BAT offers customers concerned with license compliance the ability to:

  • Analyze data from more than 30 types of compressed files, file systems, installers, etc., to identify use of open source software 
  • Identify compliance risk
  • Reduce uncertainty when deploying binaries that include open source software

Protex BAT Integration offers customers access to Black Duck’s KnowledgeBase, plus the Binary Analysis Tool Knowledgebase, containing compliance data on an additional 200,000 open source binary packages. 


The Most Comprehensive Open Source KnowledgeBase

The Black Duck® KnowledgeBase™ is the industry’s most comprehensive database of open source project information. The Black Duck KB includes over ten years' worth of data, more than 1 million software projects from more than 8,500 sites, and detailed data for more than 2,400 unique licenses, including vulnerabilities, full license text and dozens of encoded attributes and obligations for each license. New open source project versions and meta data are continually added into the KnowledgeBase.

learn about open source security


Latest Tweets

Black Duck Software (Yesterday)
Learn to secure the open source in your #agile software development process. #infosec #opensource #security
Black Duck Software (2 days ago)
Survey: Most Companies Lack Formal Policies to Manage Open Source Risks #natlawreview #opensource #vulnerabilities
Black Duck Software (2 days ago)
Open source security: think you got it covered? What's really in your code? #appsec
Black Duck Software (5 days ago)
Open source security: think you got it covered? What's really in your code?
Black Duck Software (1 week ago)
Ducky was spotted at @JohnDeere!

Black Duck Software
8 New England Executive Park
Burlington, MA 01803

Contact Us

Legal Notices | Privacy Policy | Site map
Open Source Delivers | Open HUB