MOUNTAIN VIEW, Calif. and BURLINGTON, Mass., Nov. 2, 2017 -- Synopsys, Inc. (Nasdaq: SNPS) and Black Duck Software, Inc. have signed a definitive agreement for Synopsys to acquire privately held Black Duck, a leader in automated solutions for securing and managing open source software. The addition of Black Duck's highly respected Software Composition Analysis solution will enhance Synopsys' efforts in the software security market by broadening its product offering and expanding its customer reach.
Under the terms of the definitive agreement, Synopsys will pay approximately $565 million, or $548 million net of cash acquired. In addition, Synopsys will assume certain unvested equity of Black Duck employees. The transaction will be funded by Synopsys with U.S. cash, and is subject to Hart Scott Rodino regulatory review and other customary closing conditions. The acquisition is expected to close in December 2017.
"Our vision is to deliver a comprehensive platform that unifies best-in-class software security and quality solutions," said Andreas Kuehlmann, senior vice president and general manager of the Synopsys Software Integrity Group. "Development processes continue to evolve and accelerate, and the addition of Black Duck will strengthen our ability to push security and quality testing throughout the software development lifecycle, reducing risk for our customers. We look forward to working with Black Duck's experienced team as we drive our combined solution to the next level of value for our customers."
Software development is undergoing sweeping and rapid change, including the increasing use of open source software (OSS), which makes up 60% or more of the code in today's applications. While the use of open source code lowers development costs and speeds time to market, it has been accompanied by significant security and license-compliance challenges, because most organizations lack visibility into the OSS in use. Black Duck's industry-leading products automate the process of identifying and inventorying the open source code, detecting known security vulnerabilities and license compliance issues. It also provides automated alerts for any newly discovered vulnerabilities affecting the open source code.
Customers are seeking to address security and quality as early as possible in the software development cycle to enable Continuous Integration/Continuous Delivery (CI/CD) and the move to the cloud. Given open source's prominence in application development, early identification of security and compliance issues increases the ability to deliver secure, high-quality software more quickly.
"Today, software security is top of mind for every organization and their Boards of Directors. As reliance on open source grew rapidly over the last decade because of its economic value, most organizations have struggled in their efforts to secure and manage it effectively. Many high-profile, costly breaches resulted. Our rapid growth and success over the last four years is evidence that organizations are taking open source security very seriously," said Lou Shipley, chief executive officer of Black Duck. "We're excited to join an organization that shares our commitment to addressing security and quality issues at the earliest phases of the software development process. Doing so will enable us to provide leading solutions that enable customers to develop and deliver more secure and higher-quality software faster than ever before."
While Synopsys has not yet provided financial guidance for fiscal 2018, the preliminary review indicates that, due to the impact of purchase accounting and the associated deferred revenue haircut of approximately $25-30 million, Synopsys expects Black Duck to contribute approximately $55-60 million to fiscal 2018 revenue. Synopsys currently expects the acquisition to be approximately 12 cents dilutive to 2018 non-GAAP earnings per share, reach break-even in the second half of 2019, and be accretive thereafter (all on a non-GAAP basis). Investors should no longer rely on previous preliminary commentary regarding 2018 consensus estimates.
Barclays acted as exclusive financial advisor to Black Duck on this transaction.
About the Synopsys Software Integrity Platform
Synopsys offers the most comprehensive solution for building integrity —security and quality— into the software development lifecycle and supply chain. The Software Integrity Platform unites leading testing technologies, automated analysis, and experts to create a robust portfolio of products and services. This portfolio enables companies to develop personalized programs for detecting and remediating defects and vulnerabilities early in the development process, minimizing risk and maximizing productivity. Synopsys, a recognized leader in application security testing (AST), is uniquely positioned to adapt and apply best practices to new technologies and trends such as IoT, DevOps, CI/CD, and the Cloud. For more information, go to www.synopsys.com/software.
Synopsys, Inc. (Nasdaq: SNPS) is the Silicon to Software™ partner for innovative companies developing the electronic products and software applications we rely on every day. As the world's 15th largest software company, Synopsys has a long history of being a global leader in electronic design automation (EDA) and semiconductor IP and is also growing its leadership in software security and quality solutions. Whether you're a system-on-chip (SoC) designer creating advanced semiconductors, or a software developer writing applications that require the highest security and quality, Synopsys has the solutions needed to deliver innovative, high-quality, secure products. Learn more at www.synopsys.com.
About Black Duck Software
Organizations worldwide use Black Duck's industry-leading products to automate the processes of securing and managing open source software, eliminating the pain related to security vulnerabilities, open source license compliance and operational risk. Black Duck is headquartered in Burlington, MA, and has offices in San Jose, CA, London, Frankfurt, Hong Kong, Tokyo, Seoul and Beijing. For more information, visit www.blackducksoftware.com.