Synopsys has acquired Black Duck in a $565 million deal intended to advance the semiconductor IP company’s presence in the open source arena.
Massachusetts-based Black Duck specialises in securing and managing open source software, including detecting vulnerabilities such as issues around licensing compliance.
The deal is expected to provide Synopsys’s clients with a better view of their usage of open source software, as well as any related security risks. Open source software has become increasingly popular over the past decade due to its economic value; however, many companies have struggled to get optimum value from it, and have also suffered a number of costly breaches.
“The addition of Black Duck will strengthen our ability to push security and quality testing throughout the software development lifecycle, reducing risk for our customers,” Andreas Kuehlmann, senior vice president and general manager of the Synopsys Software Integrity Group, said in a press release.
Over 60% of vendors have increased their usage of open source software in the past year, according to a Black Duck survey. Cost savings, easy access, and no vendor lock-in were cited as the main reasons for this choice, followed by the ability to customise code and fix defects directly. Better features and technical capabilities were also high on the list of benefits enjoyed by open source software users, plus a general satisfaction with the rate of open source evolution and innovation.
This deal by Synopsys, which is not a particularly acquisitive company, reflects the move towards open source software being more widely embraced. As most businesses still track vulnerabilities associated with open source software through a manual process, the obvious need for automation makes this a good deal for Synopsys, and an interesting time for other players in the open source arena.