Feeds

Valley open-source star swallowed by Black Duck

Pulling power ain't what it used to be

SANS - Survey on application security programs

SpikeSource –a Silicon-Valley startup once blessed by big names and championed as the future of making money on open-source – has shut-up shop after seven years.

The assets of SpikeSource have been bought by Black Duck Software. Financial terms of the deal were not disclosed.

Welcoming the deal was Ray Lane, managing partner of venture fund Kleiner Perkins Caulfield and Byers, SpikeSource board member, and the person who incubated the company in 2003. He called SpikeSource a "natural fit" with Black Duck.

In 2003, Lane was just out of Oracle, where he'd been president and chief operating officer and left as Larry Ellison sought to extend his power over the database giant. Still with KPCB, Lane is now Hewlett-Packard chairman and has been having a run in with his former boss as a result.

With Lane's star power driving SpikeSource in the early 2000s, the company attracted some big tech-industry endorsements. Kim Polese was brought on as CEO just after launch. Polese was in the original Sun Microsystems Java line up as a company product manager, and she was one of the tech industry's few female CEOs, having then just served as chief executive of push-technology startup Marimba, which she co-founded in 1996.

The company's advisory board included CollabNet founder and chief technology officer Brian Behlendorf, former MySQL CEO Marten Mickos, and IP law attorney Lawrence Rosen.

The idea was simple: test and integrate popular open-source software components and sell certified stacks back to people. The opportunity was the complexity of managing open source inside big operations. Or so it seemed.

"Each time a Fortune 50 company picks up a new component it creates a new integration challenge," Polese told The Reg when all things seemed possible.

While appealing in concept, the business didn't flow, and it turned out that companies were happy making the bits and bites work themselves. Or maybe the community would do it. Or maybe large middleware and platform vendors took care of the ironing.

The only other company of note in this market was SourceLabs, which got $3.5m funding and was finally bought by EMC in summer 2009.

After seven years, Lane and others will have been looking for pay back and/or exit on SpikeSource. This is Black Duck's second acquisition in three months. Earlier this year, it nabbed Ohloh.net.

Black Duck said in a statement that the SpikeSource and Ohloh.net deals further its mission to "promote FOSS adoption by making it easier for developers to take advantage of the growing body of high-quality code in FOSS projects."

In the SpikeSource deal, Black Duck's getting SpikeInsight, an online service to identity application components and assess security vulnerabilities, SpikeForge - which consists of 17 open-source project - a group of forums, and some virtualization management technology. Black Duck provides code and license compliance tools for open-source software. ®

SANS - Survey on application security programs

Whitepapers

Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Mainstay ROI - Does application security pay?
In this whitepaper learn how you and your enterprise might benefit from better software security.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.