Open source audits still have huge potential

A new survey from OpenLogic shows just how much potential open source auditors, like Black Duck, Palamida, and OpenLogic itself, still have in the enterprise space, despite their rising sales and profits.

The survey, which Open Logic also offered as a CSV file, showed that programmers are aware of the problem, but top management remains fairly ignorant.

• Two-thirds of companies that are distributing open source don't know it.
• Only one-in-five companies are using any tools to keep track of it, even though four in five actually distribute it.
• People who understand copyleft's requirements are far more likely to use audit tools to identify and manage their open source assets.

The Web and mobile applications are behind this trend, the survey said. Almost half the companies surveyed who said they didn't distribute open source in fact had Web-facing applications that did. Offshore development, the delivery of mobile apps to customers, and the addition of software to existing products are also pushing the trend.

When the audit companies first emerged, almost five years ago now, I was skeptical of how much good they could do. Now I know different. Open source is diverse, enterprise computing is diverse, and keeping track of licenses, and their requirements, should be a no-brainer for any CIO.