Black Duck Software – Managing and Securing Your Open Source Software

It is no secret that the use of open source software components is growing at a very rapid pace.

This is true for young startup companies as well as for established enterprise developers.

I was also the co-founder of Veracode and led the spinout of this team from @stake.

In 2009 I started my own marketing consulting company in the security space.

What exactly is the Black Duck Hub?

Black Duck Hub is a complete open source management tool.


At its core, it scans a project's source code to discover all of the open source components.

It then looks for relevant vulnerabilities in our open source KnowledgeBase.

The Black Duck KnowledgeBase is the industry's most comprehensive database of open source information.


These numbers are increasing rapidly.

Every year there are over 3,000 open source vulnerabilities reported.

Traditional software testing and automated security testing tools are not effective at finding these vulnerabilities.
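The scan-then-look-up flow described above is software composition analysis (SCA) in its simplest form: build an inventory of the open source components a project uses, then match each component and version against a knowledge base of known vulnerabilities. The block below is an added illustration of that general technique, not the Black Duck Hub's code or data; the manifest, the knowledge base and the DEMO-prefixed advisory identifiers are constructed for the example. It also shows why this is a metadata check rather than a code-analysis one: the vulnerable code is never inspected, only the component name and version.

```python
"""Minimal software-composition-analysis (SCA) check: inventory the open source
components a project declares, then match them against a vulnerability
knowledge base by component name and affected version range.

Illustrative example only. The manifest, the knowledge base and the
DEMO-* advisory identifiers below are constructed for this demo; they are
not Black Duck data and this is not the Black Duck Hub's own code.
"""
from dataclasses import dataclass
import re

# Constructed sample manifest (requirements.txt style) for a hypothetical project.
SAMPLE_MANIFEST = """\
# web service dependencies
requests==2.5.1
flask==1.1.2   # pinned
pyyaml==3.12
jinja2>=2.10
"""


@dataclass(frozen=True)
class Advisory:
    advisory_id: str  # hypothetical identifiers, not real CVEs
    component: str
    fixed_in: str     # every version strictly below this is treated as affected
    summary: str


# Constructed knowledge base with three made-up advisories.
SAMPLE_KB = [
    Advisory("DEMO-2015-0001", "requests", "2.6.0", "redirect leaks auth header"),
    Advisory("DEMO-2017-0002", "pyyaml", "5.1", "unsafe default loader"),
    Advisory("DEMO-2019-0003", "flask", "1.0", "debug server exposure"),
]


def parse_version(text):
    """Turn '2.10.1' into (2, 10, 1) so versions compare numerically.
    A string comparison would wrongly rank '2.9' above '2.10'."""
    return tuple(int(p) for p in re.findall(r"\d+", text))


def parse_manifest(text):
    """Return ({component: pinned_version}, [unpinned specifiers]).
    Only exactly pinned ('==') lines can be checked; a range such as
    'jinja2>=2.10' has no single version until it is resolved, so it is
    returned separately for the caller to flag rather than silently skipped."""
    pinned, unpinned = {}, []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()  # drop comments and blank lines
        if not line:
            continue
        m = re.match(r"^([A-Za-z0-9_.-]+)\s*==\s*([0-9][0-9.]*)$", line)
        if m:
            pinned[m.group(1).lower()] = m.group(2)
        else:
            unpinned.append(line)
    return pinned, unpinned


def find_vulnerabilities(pinned, kb):
    """Match each pinned component against the KB: affected iff version < fixed_in.
    Returns sorted (component, version, advisory_id, fixed_in) tuples."""
    findings = []
    for adv in kb:
        version = pinned.get(adv.component)
        if version is None:
            continue
        if parse_version(version) < parse_version(adv.fixed_in):
            findings.append((adv.component, version, adv.advisory_id, adv.fixed_in))
    return sorted(findings)


def scan(manifest_text, kb=SAMPLE_KB):
    """Full pipeline: inventory, then knowledge-base lookup."""
    pinned, unpinned = parse_manifest(manifest_text)
    return find_vulnerabilities(pinned, kb), unpinned


if __name__ == "__main__":
    findings, unpinned = scan(SAMPLE_MANIFEST)
    for comp, ver, adv_id, fixed in findings:
        print(f"{comp}=={ver}: {adv_id} (fixed in {fixed})")
    for spec in unpinned:
        print(f"unpinned, not checked: {spec}")
```

Two design points worth noting: versions are compared as integer tuples, because a plain string comparison puts 2.9 after 2.10 and would miss real findings; and unpinned dependency ranges are reported rather than ignored, since an inventory that quietly drops what it cannot resolve overstates its own coverage. A real knowledge base also carries introduced-in versions, patched backports and package aliases, which this demo omits.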


How was that started and how is it maintained?

We started working on it in 2002 when the company was founded and have been enhancing it ever since.

We monitor about 8,500 different sites on a daily basis for new open source software releases.


We update the component information twice a day and we update the vulnerability data every hour.

A year ago we established the Center for Open Source Research & Innovation (COSRI).

There are several components to the COSRI.


The Open Hub has 350,000 registered users and is editable by everyone, similar to a wiki.

What are the DevOps integrations that you offer?

We believe that it is best to integrate the Hub's scanning of source code into a project's build process.


You offer several types of code audits - what are they?

What have been the biggest surprises that you have found in these audits?

These are one-off audits that we call Black Duck on Demand.


On average, we found 27 vulnerabilities per software product.

Some were even as much as 9-12 years old.

How do you define your market?


Who is your specific target audience within that market?

How many active customers do you have today?

Where are they mainly located?


We now have more than 2,000 customers, mainly centered in the US.

We also have a strong presence in Europe, the Middle East, and Asia Pacific.

How would you describe your current typical customer?


We have many customers who are ISVs (Independent Software Vendors) building commercial software products.

We also have many enterprise customers who are writing a lot of software for their own use, e.g. financial services, insurance companies, and technology companies.


Who are some of your biggest customers?

How are you different?

We are seeing a significant increase in the number of companies using open source software.


This is very important because it ensures a strong community and provides both growth and support.

I see a lot of startups through the audits that we perform.

Startups today are using open source software to build as much as half of their product.


This allows them to get to market faster and to also lower their development costs.

The combination of speed and cost savings is a strong motivation to use open source software.

How do you see security and open source software evolving in the coming years?


There is a growing awareness of both of these elements and they are drawing a lot of attention.

It is not just the vulnerabilities that are getting attention, but the solutions are also seeing good growth.

Companies are increasingly taking actions to solve the problems, rather than just reporting issues.


What are your future plans for Black Duck?

Black Duck will continue to strive to be the leader in open source management and security.

This goes beyond simply identifying open source components.

How many employees do you have today?

Where are they located?

Furthermore, we have established offices in China, Taiwan, and multiple locations across Europe.

How did the company name Black Duck come about?

That is the question we get asked most often… [laughs].

Black Duck was named after the founder's childhood pet.

What do you like to do when you are not working?

My hobbies are fishing, biking, and woodworking.
