Black Duck On-Demand and Synopsys: Running the Walk

Black Duck On-Demand and Synopsys: Running the Walk

Soon after Black Duck merged with Synopsys, I wrote about my initial impressions of the company, specifically as a home for the Black Duck On-Demand audit business. By way of update, in short, my initial, positive impressions hold. This is the right place for Black Duck and the audit business that so many in the industry have come to rely on.

Integrity/Execution/Leadership/PassionAs outlined previously, the Synopsys culture is extraordinarily well-aligned with the critical elements of our audit business: Maintaining trust through integrity, being hyper-responsive through execution and leading the market with superior services and tools. And all that with the same passion that drives my team every day. To be fair, those initial impressions were based on Synopsys’s “talking the talk.” However, a few months of “walking the walk” have only reinforced my conviction that we have a great home. Actually, these months have felt more like running the walk! 

Trust and Responsiveness

The company has been very sensitive to not compromising even an inch in these key areas. Thus, we have continued to run the business largely independently of the rest of the company. As we have been integrating into various Synopsys systems, the planning always starts with ensuring that nothing will impinge on our abilities. For example, selected team members have been testing Synopsys laptops for a month to ensure they can efficiently execute every aspect of their jobs before migrating over. And, be assured, we are extremely mindful of the importance of our discretion and confidentiality to customers. That is top of mind as we architect our networks, processes and systems going forward. We have assigned a top compliance attorney in Synopsys to maintain data-segregation within our trusted (as well as trusty) team.


Perhaps the most exciting aspect of the merger from the perspective of supporting M&A transactions is the opportunity to extend our offerings into security. Earlier this month, a Wall Street Journal article outlines the rising importance of cyber security in M&A and cites examples from ADP and The Home Depot.

Today, Black Duck On-Demand audits focus on open source components, licensing issues and known security vulnerabilities in those components. Albeit a critical aspect, this is only part of the software security story. The Software Integrity Group at Synopsys (SIG) offers a full range of services in software security that go beyond open source, from benchmarking security programs to reviewing software architecture to penetration testing to digging into the details of proprietary code to find critical coding errors. We are in the process of leveraging those capabilities to expand the menu of ways in which we can augment our customers' due diligence efforts.

In the same way that Black Duck is the name in open source management, Forrester and Gartner have designated Synopsys the leader in software application security. An important component of that leadership is our vast security consulting resources and skills. Additionally, SIG augments our open source strength with additional security research capabilities. Did you know that our team in Finland discovered Heartbleed? (They were known as Codenomicon at the time, prior to their acquisition by Synopsys.)

It’s exciting to be associated with the leader and even more so to apply a new breadth of capabilities to helping clients who rely on Black Duck services to support their M&A due diligence.

As always, please feel free to contact me if you have questions or if I can be helpful. You can reach me at podence at

Request a Custom Code Audit

Sorry we missed you! We close comments for older posts, but we still want to hear from you. Tweet @black_duck_sw to continue the discussion.


Enhanced Legal Tab in Black Duck Audit Reports

| Mar 7, 2018

If you have reviewed any Black Duck audit reports recently, you may have noticed improvements in the legal tab and the way we report on findings. The new report format has received some very positive reviews, the theme being that it makes reported results more actionable. The biggest change we

| MORE >

Black Duck by Synopsys: Being Part of Our Kind of Company

| Jan 10, 2018

In the wake of selling Black Duck to Synopsys, it’s really interesting work through all facets of integration. An energizing journey it is to learn a new company, something I have not experienced in nearly a decade. Soon after we announced, I explained to my dad some of my experiences interacting

| MORE >