Black Duck Software

Black Duck Software

Type	Privately held
Industry	Development software
Founded	Massachusetts, USA (2002)
Headquarters	Waltham, MA
Key people	Tim Yeaton, President and CEO Kenneth Goldman, Executive Vice President and CFO Bill McQuaide, Executive Vice President of Product and Services Alan Facey, Executive Vice President of Sales Peter Vescuso, Senior Vice President of Marketing Andreas Zink, Vice President of Engineering
Products	Black Duck Code Center Black Duck Protex Black Duck Transact Black Duck Export Professional Services
Website	www.BlackDuckSoftware.com

Black Duck Software is a Massachusetts US private company. Black Duck Software pioneered the automation of mixed-origin software component reuse management. The company’s products and services allow organizations to analyze the composition of software source code and binary files, search for reusable code, manage open source and third-party code approval, honor the legal obligations associated with mixed-origin code, and monitor related security vulnerabilities. Black Duck is considered a technology industry leader and often cited in media articles about open source.^[1][2][3]

Black Duck Software maintains an extensive KnowledgeBase of open source and third party components - most of which are available on the Internet. In the KnowledgeBase, each component is characterized by metadata such as license, language, version, author, and known security vulnerabilities. Black Duck products use this information to facilitate search, selection, approval, validation and tracking of software components. Black Duck Software maintains the open source search engine Koders.

The Black Duck Software website includes a free service providing information and analysis about open source licenses.^[4]

Open source software creates an efficient business model, incorporating a collaborative software development model.^[5] However, modifying or redistributing open source while failing to honor open source license obligations creates legal liability for corporations and their officers.^[6] In 2007, open source license infringement litigation went to court in the U.S. for the first time in a suit filed by the Software Freedom Law Center.^[7] According to Mark Radcliffe, Deputy General Counsel for the Open Source Initiative, as current and future suits are decided, important case law precedents will be established about the remedies available to open source plaintiffs.^[8]

This is the context in which a niche market has developed for products and services from companies such as Black Duck Software that provide automation and information to manage the complexity of emergent composite software development models while avoiding business and legal risks.

History

Founder and Board Member, Douglas Levin (Doug Levin), founded Black Duck in 2002, at a time when litigation over open source and software intellectual property began in the United States, including the high-profile SCO v. IBM case. The idea struck him that there should be an automated way to keep track of and verify software code origins. Levin named the company after a pet duck that he found and nursed back to health when he was seven years old.^[9]

Black Duck Software began shipping its first product, Protex, in 2004. In July 2004, the company had its first round of venture capital funding for $5 million, with investments from Flagship Ventures and General Catalyst Partners.^[10][11]

In March 2005, the company announced a hosted service, Black Duck Transact.^[12][13] In June 2005, a second round of funding added $12 million in investment capital led by Fidelity Ventures of Boston and including Intel Capital (a division of Intel Corporation (Nasdaq: INTC)), SAP Ventures (a division of SAP AG) and Red Hat (Nasdaq: RHAT), along with existing investors Flagship Ventures and General Catalyst Partners.^[14] Throughout 2005, the company created partnerships with other open source organizations, including Red Hat [32], the Open Source Software Institute, Sourceforge, and Olliance Group.

During 2006 Black Duck integrated Protex with the IBM Rational [33] management platform ^[15] and released the Black Duck Export product.^[16] Also in 2006, the company expanded its distribution network to include resellers in Australia, New Zealand,^[17] the UK,^[18] Israel,^[19] and Korea.^[20]

In February 2007, Black Duck Software completed a third round of venture capital investment for $12 million, led by Focus Ventures and also including existing investors.^[21] The company joined the Open Solutions Alliance ^[22] in April 2007, received IBM SOA Specialty acceptance in October ^[23] and, in November 2007, added distribution partners in Hong Kong.^[24] Also in November 2007, the company began a distribution partnership with NEC in Japan.^[25]

On January 28, 2008, Black Duck introduced Black Duck Code Center, a role-based management system for mixed-origin software development.^{[26] [27]} On April 28, 2008, it was announced that Black Duck Software would acquire the assets and technologies of open source code search engine Koders. The Koders search engine will remain free of charge.^[28]

On February 10, 2009, the company announced Tim Yeaton as the new President and CEO of Black Duck Software with immediate effect.^[29]

Awards

In June 2010, Black Duck Software was listed as one of the Lead411's Hottest Boston Companies.^[30]

In 2010, the company was named to the 2010 SD Times 100.^[31]

In April 2010, Black Duck Software has been included in the prestigious “Cool Vendors in Application Development, 2010” report by Gartner, Inc.^[32]

Products

Black Duck Software products include Protex, Transact, Export, and Code Center. Each application uses the Black Duck KnowledgeBase to identify and manage the reuse of open source and third party code. The Black Duck KnowledgeBase is continuously updated with downloadable code from Internet sites and software vendors, including development kits, proprietary applications, operating systems, and the associated proprietary and open source licenses.^[33]

Services

Black Duck Professional Services offer consulting about software compliance, open source software use and creating code reuse policies and procedures using Black Duck products. Black Duck also offers training and customer support services.^[34]

Partners & alliances

Black Duck Software collaborates in various ways with other companies and organizations in the open source sphere.

Technological integration with IBM Rational adds Black Duck functionality to executive-level software management. Open source consultancies work with Black Duck Software to help their clients adopt and implement open source policies that honor licenses while capturing the cost savings of open source software reuse.^[35] Similarly, Black Duck has established partnerships with a number of law firms to provide accurate determination of software pedigree—especially helpful when preparing software asset valuation for mergers and acquisitions.^[36]

Black Duck is a member of the Eclipse Foundation, the Open Solutions Alliance, and the Open Source Software Institute. Black Duck also participates actively in the Linux Foundation SPDX working group which it has chaired from its inception.

See also

• FOSSology - Open-source tool to find and manage licenses in a code base, launched in January 2008 by Hewlett Packard
• Ninka -- Open source tool to identify licenses in source code.
• OSS Discovery - Open-source tool to find open-source software embedded in applications and installed on computers. Sourceforge project led by OpenLogic
• Palamida, Inc. - Competitor with similar open-source software identification and analysis tools
• Protecode - A Canadian competitor which offers automated, real-time analysis solutions for managing open source licensing obligations in software
• Koders
• Ohloh

References

1. [1] “Open source lands in the enterprise with both feet,’’ InfoWorld, 6 August 2007.
2. [2] ‘’Quacking Through Licensing Complexity,’’ San Diego Times, 6 August 2006.
3. [3]‘’Battles over open source carve niche for startup,‘’ Boston Business Journal, 14 December 2007]
4. [4] Black Duck Open Source License Resource Center
5. [5] ‘‘Breaking the rules with open source,’’ CNET News.com 2 August 2004.
6. [6] “Taming the Open-Source Monster,‘’ Waters magazine, 1 June 2006.
7. [7] “On Behalf of BusyBox Developers, SFLC Files First Ever U.S. GPL Violation Lawsuit,” 20 September 2007.
8. [8] “The Software Freedom Law Center Files first Enforcement Action for General Public License,” September 20, 2007.
9. [9] Black Duck name page.
10. "Black Duck Software Gets $5 Million," Wall Street Journal, 26 July 2004.
11. [10] “Black Duck Software secures $5M in Series A,” Mass High Tech: The Journal of New England Technology, 23 July 2004.
12. [11] transactIP product page.
13. [12] “Service Offers On-Demand Tool for Finding Software-Licensing Violations” InformationWeek, 28 March 2005.
14. [13] “Black Duck Software raises $12M in 2nd VC round,” Boston Business Journal, 6 June 2005.
15. [14] “Black Duck Software Expands Integration Of protexIP/development 4.0 In Ready For IBM Rational Software Validation Program,” Enterprise Open Source Magazine, 7 December 2006
16. [15] “Black Duck debuts US encryption compliance,” Infoworld, 16 October 2006.
17. [16] “Open Source Firm Black Duck Expands Reseller Network In Australia And NZ,” AjaxWorld International, 2 August 2006.
18. [17] “Black Duck flies into UK with Atos Origin,” Computing, 30 June 2006.
19. [18] “Black Duck Software Expands International Reach With New Distribution Partners in Israel and the United Kingdom” Press Release14 November, 2006.
20. [19]”Black Duck's CEO Douglas Levin to Deliver Keynote at LinuxWorld Korea” Press Release 5 June 2006.
21. [20] “Valley firms join $12M Black Duck round,” Silicon Valley San Jose Journal,14 February 2007.
22. [21] Open Solutions Alliance home page.
23. [22] “Black Duck Software Accepted Into the IBM SOA Specialty,” Press Release 15 October 2007
24. [23] “Black Duck Software Further Expands its Presence in the Far East” Press Release 19 November 2007.
25. [24] “NEC and Black Duck Software Partner to Offer Software Component Management Solutions in Japan” Press Release 19 November 2007.
26. [25] Black Duck Code Center product page.
27. [26] Linux Insider: Black Duck Offers Developers a New Tool to Manage Code.
28. [27] "Black Duck acquires Koders.com"
29. [28] "Software Industry Veteran Tim Yeaton Named New CEO of Black Duck Software"
30. Lead411 launches "Hottest Boston Companies" awards
31. SD Times
32. Black Duck Software Named "Cool Vendor" by Leading Analyst Firm
33. [29] KnowledgeBase product page.
34. [30] professional services page.
35. [31] Black Duck partners page.
36. Black Duck legal partners page