Vendor offers open-source code insurance

31.10.2005

The OSRM/Kiln partnership differs from software compliance vendors such as Waltham, Mass.-based Black Duck Software Inc. and San Francisco-based Palamida Inc. because those companies analyze a company's code and tell the company what it must do to ensure license compliance, but they don't provide actual insurance, Egger said.

Matthew Hogg, an underwriter for Kiln, said the insurance policies are similar to having a building inspection performed before buying a new home.

"Potentially, it's a large market," Hogg said. "It will appear to some people as a niche market for the next six months or a year, but after that, it will gain considerably. It's very relevant to technology companies that are distributing or selling software products."

Analysts have differing views on the insurance coverage idea. Stephen Graham, an analyst at market research company IDC in Framingham, Mass., said adding insurance coverage to risk analysis services makes sense, but added that it's more likely to be used as another tool rather than as a revolutionary shift. "Is it really going to take the industry by storm?" he said. "Probably not, but it's another step along the path."

Michael Goulde, an analyst at Forrester Research Inc. in Cambridge, Mass., said he was "a little disappointed" with the initial insurance offering from OSRM because it's focused more directly on commercial software companies rather than on everyday corporate users of open-source software. "It's not that what they're doing isn't valuable," he said. "But it's a fairly narrow policy. It's a start. You've got to start somewhere. If Kiln makes money, someone else will step in to do this."