Evaluating all aspects of a target’s technology could extend indefinitely and go infinitely deep, so it is important to scope optimally with the deal scenario in mind. The right package may prioritize certain applications and/or certain risk areas, depending on the scenario.
A typical timeline for a full software due diligence is 2-3 weeks.
The scope of our open source and third party code reviews is based primarily on the amount of code. More and larger applications and more open source-heavy languages generally mean greater scope. Similarly, multiple applications will scale the effort of application security analysis.
Software quality audits are driven by the number of languages. Typically, there will be multiple languages employed in an application. But often the scenario will dictate focus on a core language.
With offices on the US West and East coasts and Europe, Black Duck Audits support investment professionals across the globe. We drive and tailor software due diligence efforts to ensure that private equity and venture capital firms are confident with their investments, and that such processes help yield the true value of a deal and the successful execution of plans moving forward.