Black Duck Software, Inc.

Black Duck Software, Inc. is a leading provider of application security testing (AST) solutions, specializing in managing the security, quality, and compliance risks associated with software. The company's mission is to enable organizations to build trust in their software, empowering them to innovate and adapt to new technologies. Black Duck Software is headquartered in Burlington, Massachusetts, USA.

The company offers a comprehensive portfolio of application security products and services, including its flagship Black Duck Software Composition Analysis (SCA) for open source risk management, Coverity Static Analysis (SAST), WhiteHat Continuous Dynamic Analysis (DAST), Seeker Interactive Analysis (IAST), and Defensics Protocol Fuzzing. These solutions are often unified through the Black Duck Polaris SaaS Platform, which integrates SAST, SCA, and DAST capabilities. Black Duck's offerings address critical market segments such as software supply chain security, open source security, and regulatory compliance.

In October 2024, Black Duck Software, Inc. rebranded and re-emerged as an independent entity after being acquired from Synopsys by private equity firms Clearlake Capital Group and Francisco Partners for $2.1 billion. Led by CEO Jason Schmitt, the company continues to be recognized as a market leader in Application Security Testing, having been named a Leader in the Gartner® Magic Quadrant™ for AST for eight consecutive years as of October 2025. Black Duck is currently focused on developing AI-powered application security solutions to meet the demands of modern software development and address the risks associated with AI-generated code.