Software Compliance Gets Easier to Manage
Black Duck Releases protexIP/development 4.0
Software license compliance is not one of those issues that just leaps out and screams for assistance, but if you are running a software development shop with multiple projects with multiple developers on each project, license compliance is a very serious issue to contemplate indeed.
For some time, Black Duck Software has provided tools and services to step in and solve this problem. Today, at the Gartner Open Source Summit in Phoenix, Black Duck has introduced the next generation of its protexIP/development tool, version 4.0.
The new compliance-management features some glitz, but where the application shines is in the improvement of the actual code-matching process that protexIP uses to find blocks of code that could be licensed under various licenses. This "Precision" process compares code with Black Duck's KnowledgeBase, including commercial APIs and scripting languages in a faster, more accurate way, according to Black Duck executives.
Another new feature of the 4.0 product, one that should appeal to project managers is the Executive Dashboard, which gives users a comprehensive view of project components and the licenses involved in the project. Using a code navigator, code that comes from an external source can be highlighted, and once the license for a specific block of code is identified, protexIP can generate a compliance checklist to help make sure that all license requirements are complete before the final product is shipped.
On the glitz side of the equation, the Black Duck development team has added a new AJAX-based GUI to the products, as well as software development kit (SDK) plug-in capability, which will allow protexIP to be merged into most existing development-process tools.
The sum of these new additions and improvements seems be targeted at making protexIP much more accessible to managers of development shops and perhaps lower the bar for integrating license management into their overall development process. The net effect, Black Duck hopes, will be to lower the fear factor that surrounds open source software development.
"Customers are interested in open source and compliance in all of their code," according to Black Duck President and CEO Doug Levin. "A lot of the fear has been run out of the market."
A tool that has such potential for helping open source development on the legal side of the equation does lead one to wonder why protexIP isn't released under some form of open source license itself. Currently, the toolset falls under a proprietary license.
Levin emphasized that for now, Black Duck's strategy is to establish and maintain a position in the market as a trusted third-party source for licensing and code information, which is why the proprietary status is important to them now. But, this should soon change.
"We intend to do an open source project in the coming year," Levin indicated, though he did not specify which product or feature set would be made open. The non-open status doesn't seem to be hurting Black Duck's business so far, as Levin is more than pleased with the adoption rate of his company's products.
According to today's announcement, protexIP/development 4.0 will be available in mid-November, as an annual subscription that includes the software, KnowledgeBase and product updates, and customer support. The annual subscription price is based on the number of users and the size of the managed code base. protexIP/development Enterprise Edition is priced starting at $25,000; protexIP/development Professional Edition for single users is priced starting at $9,500. protexIP/sdk is priced starting at $10,000 and requires a base protexIP/development subscription.