Recognizing This Year’s Open Source Rookies

Congratulations to our Black Duck Rookies in Open Source

Keep Your Eyes on These Great Open Source Projects

This week we announced the winners of our Black Duck Open Source Rookie of the Year award. It’s the eighth year Black Duck has recognized the most exciting open source projects launched over the past year, but it’s the first time I’ve been part of the selection process. I have to say, it was fascinating researching the projects and interviewing the teams that build them, and I was blown away by how many interesting and ambitious projects were launched in 2015. You can read about all of the projects on our Rookies of the Year page, but I’d like to also give you a bit of a “behind-the-scenes” look at how we selected these projects.

How We Select Black Duck Rookies

In order to deliver our open source security and management products, we gather and maintain information on nearly a million and half open source projects, from thousands of global repositories, in the Black Duck KnowledgeBase™. Much of this information is also made available to the community for free via, where open source project teams and consumers can monitor community activity.

Our selection process begins with a selection of 100 to 200 projects that meet baseline requirements. From this initial list our selection committee researches the projects looking various factors including community activity and growth as well as project vision and value to the marketplace. This narrows the list down to 20-25 finalist candidates. We then try to conduct live interviews with project teams to learn more about them. While this takes some time, it’s actually the most enjoyable part of the process.

SPOILER ALERT: There are some really smart and passionate people behind these projects.

It should come as no surprise that they are all just as passionate about the open source model for software development as they are for their particular projects. Whether it’s because they see a way for their business to gain competitive advantage by adopting open source, or that they want to tap into a global community of experts in their particular field, they see open source as the optimal model for their objectives.

Highlights from the Black Duck Rookies Class of 2015

As we went through our selection process, I was struck by a few themes that shed light on the state of technology as a whole, as well as that of open source. The first theme: enterprise real-time communication and collaboration continue to be fertile ground for open source innovation. Many of us, myself included, are pretty dependent on tools like GoToMeeting and Slack. But what if you don’t want to be locked into a proprietary solution? Our rookies class has three great options for you: and Mattermost are Slack alternatives, while provides simple and lightweight video conferencing.

The next thing that stood out: the amount of activity in the DevOps and Docker container ecosystem. It’s hard to believe that only two years ago we named Docker to our Open Source Rookies list. Since that time, market interest in DevOps and rapid deployment technologies in general, and Docker in particular, has exploded. There were many projects launched in 2015, and it was hard to chose which ones to name to the list. In the end we selected four. Kontena and Nulecule (part of Red Hat Atomic) provide solutions for orchestrating and simplifying deployment in complex environments. Chef’s Inspec helps companies add automated compliance testing to their DevOps environment, while Capital One (that’s right, the “what’s in your wallet?” people) have put their own DevOps dashboard solution, Hygieia, into open source.

Many open source projects are often targeted specifically at other development teams. A lot of these are small… and then there are those that are driven by industry giants like Google, Facebook, or Twitter. These companies are very active in the open source community and this year we are recognizing two projects in particular. The first is Bazel, a large scale build automation system developed and used by Google. The second is React Native, an extension to the React mobile development framework, sponsored by Facebook. Both of these projects look to be very promising solutions for development teams.

But Wait, There’s More!

In addition to projects in these three categories, two additional projects stood out from the rest. First is Glucosio, the first open source monitoring solution for people with type 2 diabetes, launched in 2015 when project founder, Benjamin Kerensa, was diagnosed with type 2 diabetes and found no open source tools to help people like him track glucose levels and other health metrics. They have a great story and a great project. Then there’s MXNet, a lightweight artificial intelligence “deep learning” library, developed by an international group of researchers. This is the type of non-commercial project many of us think of when we hear the words “open source,” and it seems to be a thriving project and community.

Finally, because it was so difficult to pick winners out of the finalists, we decided to give honorable mentions to three projects:  Hashicorp’s Vault, RancherOS, and OWASP Security Knowledge Framework. All three are interesting and you can read more about them on the Open Source Rookies page.

So that wraps up this year’s Rookies. It was a lot of fun selecting them. Stay tuned for upcoming “interview” blogs with some of the project teams, where you’ll learn more about their stories and plans for the future. In the meantime, hopefully you see some projects you may want to explore for yourself!

Sorry we missed you! We close comments for older posts, but we still want to hear from you. Tweet @black_duck_sw to continue the discussion.


Understand What's Inside Your Containers with Black Duck OpsSight

| Nov 17, 2017

There was a lot of excitement at FLIGHT2017 as Black Duck announced the launch of its newest container security product, Black Duck OpsSight. Containers have revolutionized the way teams package and deliver software applications. But while they make life easier in a lot of ways, they also make it

| MORE >

Did Lack of Visibility into Apache Struts Lead to the Equifax Breach?

| Sep 11, 2017

As most of you are aware, last Friday news broke of a major data breach at Equifax. As one of the major credit reporting agencies, Equifax maintains a vast amount of sensitive personal and financial information for residents of the United States and the United Kingdom, and this breach is reported

| MORE >

Hub 4.1 Makes Managing Open Source Risks Easier

| Aug 21, 2017

We’ve recently updated Black Duck Hub with a number of new capabilities that make it easier for teams to discover open source in their environment, prioritize their vulnerability and compliance management activities, and determine the best upgrade path for open source components that are

| MORE >