Shaking Off Defensive Image, Black Duck Aims to Accelerate Software Development with Open Source

dip into the company’s larger “KnowledgeBase” of hundreds of thousands of open source components, while a related product called Protex scans finished software for unapproved or problematic code.

“For our compliance product, the typical use case is, ‘I’ve built a software component or acquired a company and I want to validate that there’s no unknown or undisclosed vulnerability or license issue there.’ Very late in the process, you would run our scan and get a list of issues you could remediate,” explains Yeaton. “That is fine for that use case. But if you are a development organization trying to get much greater reuse out of open source software, but you don’t want to paw through 200,000 open source projects out in the world and the 1,400 licenses that could be covering them, we can also help. We leverage the deep knowledge we’ve built up around those 200,000 projects—not just licensing but security, usability, popularity, where the community support comes from, all those kinds of knowledge that are needed earlier on in the development process.”

It may take a little while to change Black Duck’s image, Yeaton acknowledges. “Because we’ve been focused on compliance late in the development process—finding things that are wrong that you now have to go and fix—that at times became the perception” of what Black Duck is about, he says. But with Code Center, “What we want to do is be early-stage, more proactive in helping people identify and choose the right components.”

And a recession, it turns out, may be a good time to be an open source software management company. Whereas the company was “cautiously optimistic” in 2008, Yeaton says, it’s “very encouraged” by the results so far in the first quarter of 2009.

“The behavior we’re seeing in customers is the recognition that finding efficiencies in their software development is critical,” he says. “The question I’ve heard already from many customers is, ‘How do we innovate through the recession?,’ and that is in many ways code for ‘I’ve only got a finite, maybe shrinking development budget, but I still have to make my company successful, so how can I get greater leverage somewhere?’ The answer is leveraging open source components.”

“There are very few things that are recession-proof,” Yeaton concludes. “But I think open source is one of those areas where adopting it can minimize the impact for companies that are trying to invest through the downturn.”

Author: Wade Roush

Between 2007 and 2014, I was a staff editor for Xconomy in Boston and San Francisco. Since 2008 I've been writing a weekly opinion/review column called VOX: The Voice of Xperience. (From 2008 to 2013 the column was known as World Wide Wade.) I've been writing about science and technology professionally since 1994. Before joining Xconomy in 2007, I was a staff member at MIT’s Technology Review from 2001 to 2006, serving as senior editor, San Francisco bureau chief, and executive editor of TechnologyReview.com. Before that, I was the Boston bureau reporter for Science, managing editor of supercomputing publications at NASA Ames Research Center, and Web editor at e-book pioneer NuvoMedia. I have a B.A. in the history of science from Harvard College and a PhD in the history and social study of science and technology from MIT. I've published articles in Science, Technology Review, IEEE Spectrum, Encyclopaedia Britannica, Technology and Culture, Alaska Airlines Magazine, and World Business, and I've been a guest of NPR, CNN, CNBC, NECN, WGBH and the PBS NewsHour. I'm a frequent conference participant and enjoy opportunities to moderate panel discussions and on-stage chats. My personal site: waderoush.com. My social media coordinates: Twitter: @wroush; Facebook: facebook.com/wade.roush; LinkedIn: linkedin.com/in/waderoush; Google+: google.com/+WadeRoush; YouTube: youtube.com/wroush1967; Flickr: flickr.com/photos/wroush/; Pinterest: pinterest.com/waderoush/