Today, Synopsys completed the acquisition of Black Duck Software, a well-respected, established leader in Software Composition Analysis (SCA), which helps organizations identify open source components in their software and check those components for known security vulnerabilities. The two companies are strategically aligned, with a shared vision of building security and quality into the software development life cycle and across the cyber supply chain. Black Duck will enhance our efforts in the software security market by broadening our product offering and strengthening the Software Integrity Platform.
Software development is undergoing sweeping and rapid change, and one of those changes is the increasing use of Open Source Software (OSS). Analysts report that OSS makes up 60% or more of the code in today’s applications. SCA products enable organizations to identify open source components in their software and check those components for known security vulnerabilities and for license compliance.
Since the creation of the Synopsys Software Integrity Group (SIG), we have been striving to offer a comprehensive, end-to-end portfolio for software security and quality. The acquisition of Black Duck is an important step in this process, giving companies a scalable approach for minimizing software-related business risk, ensuring timely product releases at predictably lower cost, and ensuring internal and external standards compliance.
With the acquisition of Black Duck, the Synopsys Software Integrity portfolio features:
We’d like to give a warm welcome to the employees of Black Duck, and look forward to a bright future working together to add even more value to our customers.