Automate Open Source Compliance
Know where and how your company is using open source software to avoid costly litigation
Although open source software (OSS) is free, it comes with license obligations that must be met. Poor open source compliance can expose organizations to potentially costly and time-consuming legal risks, putting a company’s software assets in a vulnerable position.
Since developers are experts with code, not licenses, the compliant use of open source requires oversight and control.
Black Duck® Protex™ is the industry’s leading solution for managing open source compliance. Protex integrates with existing development tools to automatically scan, discover, and identify software origins, an integral step in the development process and essential for enforcing license compliance and corporate policy requirements.
As a highly scalable solution, Protex can support development teams of any size, whether co-located or geographically distributed, and can be deployed on premises or as software as a service (SaaS).
Protex helps you reduce business risks and complete software projects on-time and on-budget by automatically:
Black Duck Protex Features
RAPID ID automates the
discovery and identification
of open source code
EXPRESS SCAN gives a high-level
snapshot of a code base in 80%
less time than industry standards
A complete BILL OF MATERIALS
and custom CODE LABEL
Comprehensive license management
BLACK DUCK KNOWLEDGEBASE
Seamless INTEGRATIONS with your
existing development ecosystem
Available as part of the
BLACK DUCK SUITE
DEEPER BINARY ANALYSIS
BAT offers customers concerned with license compliance the ability to:
- Analyze data from more than 30 types of compressed files, file systems, installers, etc., to identify use of open source software
- Identify compliance risk
- Reduce uncertainty when deploying binaries that include open source software
Protex BAT Integration offers customers access to Black Duck’s KnowledgeBase, plus the Binary Analysis Tool Knowledgebase, containing compliance data on an additional 200,000 open source binary packages.
The Most Comprehensive Open Source KnowledgeBase
The Black Duck® KnowledgeBase™ is the industry’s most comprehensive database of open source project information. The Black Duck KB includes over ten years' worth of data, more than 1 million software projects from more than 8,500 sites, and detailed data for more than 2,400 unique licenses, including vulnerabilities, full license text and dozens of encoded attributes and obligations for each license. New open source project versions and meta data are continually added into the KnowledgeBase.