Black Duck Software, a company that specializes in helping software developers ship products based on open source software more rapidly, and which is also known for its acquisition of the open source code search engine Koders.com (completed in April 2008), announced a $9.5 million capital raise today.
The company received $4.5 million of venture debt financing from Gold Hill Capital in addition to $5 million in equity investment from its current investors General Catalyst Partners, Fidelity Ventures, Flagship Ventures, Focus Ventures, Intel Capital, SAP Ventures and Red Hat. This is its fourth round of funding; the company has now raised a total of $38.5 million in financing.
Black Duck was founded in 2002 and initially focused on selling software that helped companies deduce licensing obligations that may arise as they develop or buy open-source software (there are over 1,400 different licenses in use today). Today the company does a lot more than that, offering consulting, training and customer support services alongside a set of products designed to accelerate software development through the managed use of open source and third-party code.
The company says 2008 was a year of momentum, with an increase of 42% in year-over-year bookings and subscription and services growth of 65%. It now has nearly $10 million more in the bank to expand its product line and international presence.

They seriously had $38.5M of funding? That’s just mad, really mad.
“Black Duck Software is a global provider….” exactly how big is the global market for managing free code?
I used BlackDuck on a few occasions, doing consulting for a company re: risk management of open source software. The BD system would scan code and report on potential matches or points of concern.
Perhaps it’s gotten better in the last year, but I found it to be
a) extremely slow
b) extremely cumbersome
c) not well documented
d) something that generated a whole lot of data, but not useful information
e) something that generated a lot of false positives
Again, maybe it’s better now? I doubt it, cause they’ve got no real competition.
I do remember being impressed with the idea of VS and Eclipse plugins that could scan your code and warn of violations during development, rather than scanning code that was already done. *That* seems useful. However, it would require a lot of training to get rid of the false positives for each and every company using it.
Our company acquisition was not completed until we passed the licensing checks with Black Duck. When you are acquiring a company every month Black Duck can be quite a bit handy.
I did those types of audits for companies for a bit, and BD reports (late 2007) were just full of false positives. Occasionally missed real positives too (not often) but having to rely on a ‘clean bill of health’ from BD on its own would just be crazy. You have to have some external consultants (handily BD provides those too!) to interpret and analyze the results. Good business model, I guess.
How do you think they’ll use this new funding?
this is stupid; open source is free; and if you code like me, why would you ever want to use some fucked up service to help you go through the code; if you can’t go through the code, then you shouldn’t be a developer.
why do VCs just piss their money down the drain.
Err, no. Also, did you miss the fact that Red Hat also participated in the round?
What about if *you* didn’t write the code?
What about if *you* have something to hide in the code?
Do you even understand what BlackDuck does?
It’s attitudes like yours that scare people enough to buy BlackDuck and similar services in the first place.
Forgive me for being ignorant, but could someone post a link or explain why you would need to scan open-source code? Just like the poster above stated, I thought open-source was free? Therefore there shouldn’t be any worries of infringement… right?
There are a ton of OSS licenses. So yes, in general it is free for you to use. But if you are including it in a product that you plan to sell, it may not be totally free for that use. This is true of the GPL. If you inadvertently include GPL code in your product, then you need to open your code to the public. If this was not your plan, you need to know before you ship GPL code in your product.
That’s what BD does.
Wow.
Get it?