Open source software components, while free to use, have a license attached to them. The license lists the requirements that the company using the open source software needs to meet. Certain licenses may impose restrictions on the intellectual property of the software products that use them. Also, failing to meet license requirements could make the use of the open source components illegal.
Therefore, investigating which open source components are included in a software product and how they are used is a standard part of every M&A due diligence process.
In addition to M&A, open source due diligence is standard in OEM deals, where the licensor is often required to indemnify the licensee. Increasingly, we see software buyers insisting on due diligence because they are concerned that legal action against a vendor will affect their operation. While open source due diligence has always been a standard requirement for most transactions, the growing percentage of open source components in commercial software means that manual due diligence or the use of software scanners is no longer an option.
Ron Rymon, a serial entrepreneur and active chairman of WhiteSource software, was involved in two open source due diligence processes:
“I was involved in two M&A transactions – and the open source due diligence process in each transaction was completely different. When negotiating the sale of the first company, we had to work very hard to create a report of the open source components that we used and their licenses. We spent a few man-weeks, including some very long nights, working on the open source report, while negotiating the deal during the day. It was very hard. This is why we started WhiteSource,” says Rymon.
“WhiteSource creates a full open source report, including risk and compliance analysis, in one click. So when I sold the second company, we were able to produce the report in minutes.”
WhiteSource now offers an Open Source Due Diligence package, which aims to provide a quick and cost-effective way to produce an open source analysis for M&A, private equity, OEM and software purchasing deals.
Want to hear more about Ron Rymon’s M&A experience and about the WhiteSource solution?
WhiteSource will be presenting a free webinar titled “Due Diligence Made Easy: Open Source Report and Analysis” on Wednesday, September 17th, at 7:00 a.m. PDT. For more information and to register, please go here.
WhiteSource provides an easy-to-use solution for managing the use of open source components in software development.
WhiteSource continuously provides comprehensive and up-to-date open source inventory reports, license risk analysis and compliance reports, and proactively alerts on security vulnerabilities whenever they are discovered, as well as on available fixes.
WhiteSource takes minutes to set up, requires no training, and completely removes the burden from developers. The service is affordable to companies of all sizes.