SAP implements Black Duck Suite
The open source manager is set to ease SAP’s compliance worries and further the company’s embrace of open source codes.

SAP is implementing the Black Duck Suite to manage open source code in its applications. This is being seen as an indicator of how far the company has come in its acceptance of open source as a catalyst to speeding up the development process.
SAP's problem is a challenge that faces many companies when incorporating open source code. There is a range of licences that accompany the components and these have to be complied with before the code can be used in otherwise proprietary software.
The Black Duck Suite handles the management, compliance and security issues associated with open source. It provides a search engine for selecting open source code, monitors the components in use and validates them before they are deployed.
Francis Ip, head of global technology legal compliance at SAP, said: "With the continuously increasing importance of open source globally and SAP's recent strategic change towards systematically utilising benefits that come with open source, it was necessary for us to scale our open source process through further automation."
SAP first considered introducing open source in 2001, but it was seen as a risky option and managed as an exception.
In 2002, it joined the Eclipse Project, but it was an uneasy relationship for the first five years. In the past few, the company's relationship with the open source movement has improved as it began to see it as a productivity enabler.
Initially, external components were strictly controlled but the implementation of Black Duck will allow greater freedom for the SAP developers to validate and incorporate open source in a fully compliant way.
Get the ITPro daily newsletter
Sign up today and you will receive a free copy of our Future Focus 2025 report - the leading guidance on AI, cybersecurity and other IT challenges as per 700+ senior executives
Bob Tarzey, analyst and director at Quocirca, said: "SAP is just recognising the reality in the growth of open source. Some of its code is built from the bottom up but increasingly exciting proprietary code is being put in the public domain under open source licences."
"Like many other software vendors, it makes little sense for SAP to reinvent the wheel for utility functions."
-
Outgoing Kaseya CEO teases "this is just the beginning" for the company
Opinion We spoke to Fred Voccola who remains a key figurehead at the firm as it enters its next chapter...
-
Why Microsoft thinks diversity will keep security workers relevant in the age of agentic AI
News Improved AI skills and a greater focus on ensuring agents are secure at point of deployment will be key for staying ahead of attackers
-
Data sovereignty a growing priority for UK enterprises
News Many firms view data sovereignty as simply a compliance issue
-
Elevating compliance standards for MSPs in 2025
Industry Insights The security landscape is set to change significantly in the years to come with new regulations coming into effect next year, here's how the channel needs to adapt
-
How ready is your company for NIS2?
Supported Content The EU’s latest cybersecurity legislation raises the stakes for enterprises and IT leaders - and ensuring compliance can be a daunting task
-
Top data security trends
Whitepaper Must-have tools for your data security toolkit
-
Conquering technology risk in banking
Whitepaper Five ways leaders can transform technology risk into advantage
-
Advancing your risk management maturity
Whitepaper A roadmap to effective governance and increase resilience
-
When banking works, the world works
Whitepaper Five ways automated processes can drive revenue and growth across your bank
-
Automating digital resiliency in banking
Whitepaper Prioritize investment in solutions that mitigate a lack of digital resiliency when disruptions strike