Open source software is free to use, but it comes with license obligations. Poor open source compliance can expose you to costly, time-consuming risks, including litigation and loss of IP.
Black Duck® Protex™ is the industry’s leading solution for managing open source license compliance. Protex integrates with existing development tools to automatically scan, identify, and inventory open source software, allowing you to understand license obligations, conflicts and risks. This enables you to mitigate these risks by enforcing license compliance and corporate policy requirements.
Scan software contents
Inventory open source
Identify potential license risks
Streamline open source audits
With Protex, it’s much easier to confirm where unintended open source is used in our products, and we’ve significantly reduced the risks of license violations.
Black Duck provides systematic control over the software development process by integrating with your existing IDEs, build and continuous integration (CI) tools, reporting and repository-management systems.
The Black Duck® KnowledgeBase™ is the industry’s most comprehensive database of open source project information. It includes over ten years' worth of data, more than 1 million software projects from more than 8,500 sites, and detailed data for more than 2,400 unique licenses, including vulnerabilities, full license text and dozens of encoded attributes and obligations for each license. New open source project versions and meta data are continually added in to the KnowledgeBase.
The SDK extends the capabilities of Protex and enables your development team to tightly integrate with native development tools and processes. The SDK provides a SOAP API that allows you to integrate and automate a broad set of functions in your environment, including: