Fifteen-year-old Black Duck Software gets its exit, selling to Synopsys for $565 million

Black Duck Software, a 15-year-old company whose products automate the process of securing and managing open-source software — including detecting license compliance issues — is being acquired by Synopsys, the publicly traded maker of semiconductor-design software.

Under the terms of the definitive agreement, 31-year-old Synopsys will pay approximately $565 million, or $548 million net of cash acquired, meaning the cash on Black Duck’s balance sheet has been subtracted from the purchase price.

Additionally, Synopsys says it will assume certain unvested equity of Black Duck employees.

It’s a cash transaction.

The deal, expected to close next month, reflects the shift in how enterprises buy and deploy software, with software that’s open to change and free to adopt no longer the exception but the rule. In fact, open-source software now makes up more than 60 percent of the code in today’s applications. Synopsys is buying Black Duck to strengthen its ability to push security and quality testing throughout its software’s development life cycle, reducing risk for its customers.

Black Duck looks to be the first full-fledged acquisition this year for Synopsys, which in January acquired certain assets of a Netherlands-based software company called Forcheck that produced a static analysis tool for detecting coding defects and anomalies in Fortran applications.

Synopsys, which boasts a $13 billion market cap, doesn’t seem highly acquisitive as a general rule. Though it acquired four companies in 2014, it picked up just two last year and two in 2014.

Black Duck, based in Burlington, Mass., had raised at least $75.5 million over the years, shows Crunchbase. Its backers include Fidelity Ventures, Focus Ventures, Gold Hill Capital, Split Rock Partners, General Catalyst Partners, next47 (a venture unit of Siemens) and Flagship Pioneering.