Source code management issues are aired

17.11.2005
Vendors touting wares for source code management at an industry event Wednesday cited different business strategies for this market. But all made solid points about critical issues such as intellectual property and security.

Appearing at the IBDNetwork's Under the Radar event, executives from four companies gave brief presentations to a panel of three venture capitalists, whereupon the vendors were judged by both the panel and the audience. The companies included: Black Duck Software, which focuses on code analysis and intellectual property; Coverity, which addresses code quality and bugs; Fortify Software, which cites security as its forte, and Metallect, which locates interdependencies in software so the applications can be managed as a portfolio.

The event was held at Microsoft offices. In the end Coverity got the audience's nod as the vendor of choice while Fortify won over the venture capitalists. Each vendor had only five minutes to state its case, followed by a short question-and-answer period.

In making his pitch, Black Duck President and CEO Douglas Levin said software now is being assembled as components, with the Internet serving as a collaboration medium. But this assembly process carries with it risks in areas such as intellectual property obligations, Levin said.

Black Duck offers a subscription service for code analysis based on a knowledge base of 8 million files and 600 licenses, including the SourceForge knowledge base, Levin said. Users of the service are able to track software projects.

"Ultimately, this covers the entire lifecycle of software development." Levin said. Black Duck also will monitor development done via outsourcing, to make sure that code respects intellectual property obligations, he said.