Protecode updates portfolio for safe use of open source

Software lifecycle management vendor Protecode Inc. has made available new components in the third release of its portfolio of offerings that aim to help developers better manage the open source code they reuse.

“More and more, developers don’t actually write code in order to get code,” said Mahshad Koohgoli, CEO of Ottawa-based Protecode.

But that heightens the probability of what Koohgoli calls “code contamination” or where content is brought into a development project without regard for the licensing or copyright obligations.

“Developers don’t know better, policies are not in place, good record keeping is not in place,” said Koohgoli.

One new tool in the company’s Software Lifecycle IP Management Portfolio is the Repository IP Checker, which analyzes software files as they are placed in the company’s vault.

Typically, developers will take out software from the vault, modify it, then place it back, but the Repository IP Checker ensures that all incoming files get analyzed, said Koohgoli.

“So we’ve created a trigger on the door to this vault,” he said.

Among the portfolio offerings that have been enhanced is the Developer IP Assistant, which is now platform-independent to respond to the fact that no organization maintains a homogeneous environment, said Koogholi.

The Developer IP Assistant basically “fits on the developer’s workstation, becomes part of the developer workflow” and analyzes new content created or brought into that workflow against central policies, said Koohgoli.

That way, the developer can take corrective action should there be a violation of policy.

Protecode’s flagship product, Enterprise IP Analyzer, has been enhanced to allow the capability to perform interactive and flexible reporting on analysis results.

“You can very quickly funnel down into questionable areas rather than going over very large files of results,” said Koohgoli.

The portfolio also includes Build IP Analzyer to ensure software files being introduced to the build process are actually cleared for usage. “The idea is that you may have in your vault files that are not necessarily cleared for introduction to market,” said Koohgoli.

While open source software has been around for at least a decade, Koohgoli said large companies who initially shied away from using it have realized in recent years that it drives down development costs.

Such development tools, he said, bring transparency to software creation much like version control and bug management today are accepted parts of the development process.

On the topic of open source development in the enterprise, Jay Lyman, enterprise software analyst with New York-based The 451 Group, previously noted that proper process or policy for bringing in open source components is generally lacking in the enterprise.

“Less and less we hear organizations saying no open source at all,” said Lyman. “That is sounding more and more unreasonable especially with the economy.”

Release 3.0 of the Protecode Software Lifecycle IP Management portfolio is generally available.

Related Download
A Guide to Print Security for Canadian Organizations Sponsor: HP
A Guide to Print Security for Canadian Organizations
IT security vulnerabilities are a growing cause for concern for organizations trying to protect their data from printer breaches.
Register Now