Constellation Insights

Black Duck Software scooped up by security vendor Synopsys: It's perhaps a stretch to call a company a startup when they've been in business for 15 years, but that's the case with Black Duck, which has offered tools and services for securing and managing open source software. Now Black Duck is making its belated exit in the form of a $565 million buyout from Synopsys. Here are the key details from the companies' announcement:

Software development is undergoing sweeping and rapid change, including the increasing use of open source software (OSS), which makes up 60% or more of the code in today's applications. While the use of open source code lowers development costs and speeds time to market, it has been accompanied by significant security and license-compliance challenges, because most organizations lack visibility into the OSS in use. Black Duck's industry-leading products automate the process of identifying and inventorying the open source code, detecting known security vulnerabilities and license compliance issues.

POV: Black Duck's focus has shifted over the years from open source license compliance toward cybersecurity concerns, which likely made the company a more attractive purchase for Synopsys. One of its chief competitors is Palamida, which was acquired by Flexera in 2016. Now Black Duck's portfolio will work in concert with other Synopsys products, such as Coverity, which provides code-scanning and validation. While Black Duck had reported a sharp uptick in business during the first half of this year, bringing it under the Synopsys umbrella will provide additional scale and visibility going into 2018.

Tor rolling out next-generation onion routing system: Developers of the Tor private communications software have delivered an update some four years in the making. Here's how the changes are summarized in an official blog post:

[T]he legacy onion system has been around for over 10 years and its age has started to show. So let's get a taste of the improvements these next generation onions provide us with:

On the cryptography side, we are looking at cutting-edge crypto algorithms and improved authentication schemes. On the protocol end, we redesigned the directory system to defend against info leaks and reduce the overall attack surface.

Now, from an engineer's perspective, the new protocol is way more extensible and features a cleaner codebase. And finally from the casuals user's PoV, the only thing that changes is that new onions are bigger, tastier and they now look like this: 7fa6xlti5joarlmkuhjaifa47ukgcwz6tfndgax45ocyn4rixm632jid.onion.

All in all, the new system is a well needed improvement that fixes many shortcomings of the old design, and builds a solid foundation for future onion work.

POV: The developers note that the new release remains in early days, still undergoing testing, and that many more features are to come as the code base stablizes. The legacy Tor system will remain the default option for users for the time being, and will still be available for some years after the switchover is made to the new version, according to the blog.

It's important to underscore that the changes in the new version focus largely on improved security, and apparently very little on faster performance. Tor has always provided a sluggish user experience—albeit due to the nature of its architecture—and that has likely held down on adoption numbers and its overall awareness. Speeding up Tor is obviously something crucial to work on over time, but for now its faithful users will no doubt appreciate a fresh approach to security in an age where both malicious attacks and the prying eyes of authorities are at an all-time high.

Adobe, Microsoft bring together CX and CRM: Microsoft and Adobe have integrated their Dynamics CRM and Experience Manager content management products, in the latest instance of progress on the companies' ongoing partnership. 

Teams from Microsoft and Adobe have been working together for more than a year on product integrations. The tie-in between Experience Manager and Dynamics CRM has a dual purpose: delivering personalized content to websites, while feeding back lead-generation information to Dynamics CRM. Together, the products comprise a gestalt for marketing and sales professionals, according to Adobe and Microsoft:

The tight integration of marketing with Dynamics 365 customer data provides joint customers with a complete view of their customers at every interaction. For example, if someone searches for a gym membership, the brand can intelligently customize its landing page, mobile app, chatbot and all other engagement to be focused on her activity of interest, such as yoga. This level of personalization helps increase the individual’s engagement through a more seamless interaction, with a high likelihood for her to convert to become a customer.

More than 150 trillion customer data transactions and 41 trillion rich media requests move through Adobe Experience Cloud each year, according to a statement.

POV: Unlike other tech partnerships, which can be high on sizzle and less so on substance, Microsoft and Adobe's pact has teeth. They are collaborating closely, with sales compensation implications on deals for reps at both companies, says Constellation VP and principal analyst Cindy Zhou. Moreover, Adobe and Microsoft's partnership is tackling a problem that truly needs solving, she adds.

"The problem is that with the dizzying array of marketing tech and sales tech out there, it is making it difficult to gain a unified view of customer data," Zhou says. This is leading to problems with customer personalization, ROI outcomes for marketing campaigns, and potentially, problems with the likes of the General Data Protection Regulation, a stringent new consumer privacy framework set to take effect next year. (You can download an excerpt of Zhou's new report, "A Guide to GDPR Compliance for Marketers," at this link.)