Black Duck Software has announced the availability of expanded audit services with the addition of new code analytics that can help organizations acquiring new technology better track the code in their environments.
The new audit services in the Black Duck Code Quality Audit (CQA) deliver a comprehensive code quality report for internal audits and merger and acquisition due diligence. The analysis evaluates key software quality criteria, including code reliability, efficiency and maintainability to help companies manage operational risk and reduce support costs. By using a trusted third-party, companies can ensure the intellectual-property assets of a prospective acquisition remain confidential, Black Duck said in a press release.
Black Duck developed the new service with the input of some of its customersincluding some of the largest and most active acquirers in the industry. The service culminates in a report designed to help corporate and business development managers compare their code against industry best standards for coding.
The Black Duck CQA uses static analysis, comparative analysis and inspection of development processes to create an overall assessment of code base quality. To address the urgency and risk typical of situations that call for a code quality audit, the Black Duck CQA quickly determines if the code analyzed is structured to enable efficient, ongoing development; is complex and might drive up maintenance costs; is well-documented; and follows industry best practices regarding the software development lifecycle (SDLC).
“When we look at an M&A opportunity, this type of analysis is crucial to our due diligence efforts,” said Todd Richmond, vice president of enterprise architecture at Sabre Holdings, in a statement. “We’re pleased that Black Duck, a trusted vendor, is adding this comprehensive analysis to their repertoire of audit services.”
As a one-week or less process, Black Duck CQA brings speed, expertise and tooling to facilitate a comprehensive evaluation. When combined with the Black Duck Open Source Audit, users can get a deep view into their own or a target an organization’s code assets, Black Duck officials said.
“With hundreds of customers and experience in M&A deals valued at over $70 billion, Black Duck is the trusted partner for software IP assessments,” said Tim Yeaton, president and CEO of Black Duck, in a statement. “As acquisitions grow in importance as part of many companies’ corporate development strategies, there is increased demand for better and more comprehensive vetting of software assets, and we’re excited to meet that need with the CQA service.”
The Black Duck CQA report has a detailed breakdown, including a development process analysis and assessment of the quality of technical documentation and comments, code complexity and comparisons benchmarked on known code bases.
“Black Duck’s Code Quality Audit has provided us with key metrics around our code base, ranging from information on code structure, its documentation, scalability and level of maintainability,” said John Collins, president and CEO of Nolij, a document imaging and data integration software maker, in a statement. “The descriptive audit was completed with speed and expertise, two qualities we can always expect from Black Duck.”