Application Security , Artificial Intelligence & Machine Learning , Next-Generation Technologies & Secure Development

Black Duck's Blueprint for Growth as an Independent Company

Francisco Partners, Clearlake's $2.1 Billion Deal Revives Legacy Black Duck Brand
Jason Schmitt, CEO, Black Duck Software (Image: Black Duck)

Newly independent Black Duck Software plans to provide real-time guardrails around AI-generated code while addressing concerns about copyright violations and insecure code snippets.

See Also: Building Better Security Operations Centers With AI/ML

The Boston-area application security firm wants to improve the speed and efficacy of its analysis engines while integrating AI to offer deeper insights and productivity gains, according to CEO Jason Schmitt. The business was acquired from Synopsys - where it was known as the software integrity group - earlier this month by Clearlake and Francisco Partners for $2.1 billion, and subsequently rebranded as Black Duck (see: Perks of Independence for Synopsys' Software Integrity Group).

"We've also seen research from third parties that show developers are much quicker to accept insecure code from a coding assistant because it has the air of expertise," Schmitt said. "Like, 'This came from an LLM. It must be smart. So, I must just be able to accept this code and move on.' We're accepting a lot more sloppy, insecure code because we think it's coming from something really, really smart."

In this video interview with Information Security Media Group, Schmitt also discusses:

  • How Black Duck is approaching the creation of a scalable, independent business;
  • How the operational expertise of Francisco, Clearlake affects Black Duck's growth;
  • The potential for market consolidation as Palo Alto Networks moves into the space.

Before joining Synopsys in August 2020, Schmitt served as CEO of cloud security startup Aporeto, where he led the company from pre-revenue through a successful acquisition by Palo Alto Networks. He has a background in software development and application security and spent years leading enterprise security products as vice president at Hewlett Packard and general manager at Fortify and ArcSight.


About the Author

Michael Novinson

Michael Novinson

Managing Editor, Business, ISMG

Novinson is responsible for covering the vendor and technology landscape. Prior to joining ISMG, he spent four and a half years covering all the major cybersecurity vendors at CRN, with a focus on their programs and offerings for IT service providers. He was recognized for his breaking news coverage of the August 2019 coordinated ransomware attack against local governments in Texas as well as for his continued reporting around the SolarWinds hack in late 2020 and early 2021.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.asia, you agree to our use of cookies.