Software Integrity Blog

Author Archive

Phil Odence

Phil is General Manager, Black Duck On-Demand. He works closely with Black Duck’s law firm partners and the open source community. A frequent speaker at industry events, Phil chairs the Linux Foundation's Software Package Data Exchange (SPDX) working group. With over 20 years’ software industry experience, Phil came to Black Duck from Empirix where he served as Vice President of Business Development and in other senior management positions, and was a pioneer in VoIP testing and monitoring. Prior to Empirix, Phil was a partner and ran consulting at High Performance Systems, a startup computer simulation modeling firm. He began his career with Teradyne's electronic design and test automation (EDA) software group in product, sales and marketing management roles. Phil has an AB in Engineering Science and an MS in System Simulation from the Thayer School of Engineering at Dartmouth College.


Posts by Phil Odence:

Let’s Talk Licenses: Beware the Beerware License

Many companies are relaxed about reusing software under the Beerware License and similar open source licenses. But not all such licenses are created equal.

Posted in Mergers & Acquisitions, Quality & Compliance

Top 3 operational open source risk factors

Consider these three operational open source risk factors when using open source components: version currency, version proliferation, and project activity.

Posted in Mergers & Acquisitions, Open Source Security

Know your code—and know your stuff!

An open source audit digs into a codebase to see what’s inside. Find out what our audit services team unearthed in the 1,200+ codebases we reviewed in 2018.

Posted in Mergers & Acquisitions, Open Source Security

Next-generation audit reports: Enhanced visibility into open source risks in M&A transactions

Black Duck Audit reports help you understand your license compliance, software security, code quality, and web services risks—and now they’re even better.

Posted in Mergers & Acquisitions, Open Source Security, Webinars

The Apache Software Foundation can take a joke, but not when it comes to licensing

If you use open source, what’s good for the Apache Software Foundation is usually good for you. What do they say about “joke licenses” and Category X?

Posted in Mergers & Acquisitions, Open Source Security

Celebrating freedom with free beer

Freedom is central to American culture. So the Fourth of July is also a great time to celebrate the four freedoms of FOSS (free and open source software).

Posted in Open Source Security

Open source issues in an M&A target’s code: How do you know?

Until you ask, you don’t know how much open source a target has used, what components it uses, or what open source issues might be latent therein. That’s why open source questions are on the checklist of virtually every acquirer in a tech transaction. And the unfortunate reality is that even asking good questions doesn’t guarantee a good answer, because most targets simply don’t know themselves. That’s why audits are frequently a component of M&A due diligence.

Posted in Mergers & Acquisitions, Open Source Security, Webinars

Black Duck Audits and Synopsys: Running the walk

Synopsys offers a range of software security services that go beyond open source. These offer Black Duck Audit customers better due diligence service.

Posted in Mergers & Acquisitions, Open Source Security

Enhanced legal tab in Black Duck Audit reports

If you’ve reviewed any Black Duck Audit reports recently, you may have noticed improvements in the legal tab and the way we report on findings.

Posted in Mergers & Acquisitions, Open Source Security

Black Duck Audits at Synopsys: Being part of our kind of company

The core values at Synopsys really tell the story of what a great home it is for Black Duck overall and the software audit business in particular.

Posted in Mergers & Acquisitions, News & Announcements, Open Source Security