Automate Open Source Compliance with Protex
Open source software is free to use, but it comes with license obligations Poor open source compliance can expose you to costly, time-consuming risks, including litigation and loss of IP.
Black Duck® Protex™ is the industry’s leading solution for managing open source compliance. Protex integrates with existing development tools to automatically scan, identify, and inventory open source software, allowing you to understand license obligations, conflicts and risks. This enables you to mitigate these risks by enforcing license compliance and corporate policy requirements.
Comprehensive Binary Analysis
Protex Binary Analysis Tool (BAT) integration offers comprehensive, automated analysis of custom binaries that may contain open source software.
- Analyze data from more than 30 types of compressed files, file systems, and installers
- Reduce uncertainty when deploying binaries that include open source software
- Access information on over 200,000 open source binary packages
Black Duck Code Label
The Black Duck Code Label provides summary of what’s in your code. Using output from a Protex code scan, Code Label tells you what open source you’re using and the license obligations associated with it.
Open Source licensing can be complex, but Code Label makes it easy for you to get the information your organization needs:
- Legal teams can isolate possible license violations and conflicts
- Developers can drill down to identify problematic components and level of use
- Governance teams can compare their Code Label against company policies to assess potential conflicts prior to deployment
During M&A due diligence, the Code Label enables verification of code composition prior to commitment.
Protex gives developers access to information on the open source usage and license obligations directly in familiar tools including:
- Eclipse and IntelliJ IDEA IDEs
- Jenkins, Maven and TeamCity continuous integration (CI) systems.
The SDK extends the capabilities of Protex and enables your development team to tightly integrate with native development tools and processes. The SDK provides a SOAP API that allows you to to integrate and automate a broad set of functions in your environment, including:
- Code scanning and analysis
- Status reporting
- Release, approval and sign-off process integration
- Build-process integration
About Black Duck Software
Black Duck Software is the partner of choice for open source software adoption, governance and management. Enterprises of every size depend on their products to harness the power of open source technologies and methods. As part of the greater open source community, Black Duck Software connects developers to comprehensive resources through Open Hub, and to the latest commentary from industry experts through the Open Source Delivers blog. More details…
Find out more…
For more information on how Protex from Black Duck Software can help your organisation manage its open source compliance obligations please complete the form below.