The emphasis in a merger and acquisition (M&A) project is on results that can impact go/no-go decisions, valuation or remediation costs. We deliver a high quality audit report more quickly than alternate methods and act as an arms-length, independent third party. Due to this independence, target companies are more willing to share code for OSS license compliance and application security analysis prior to a definitive agreement. Our process ensures the highest possible confidentiality and projects are treated on a need-to-know basis.
Since time and communication are critical, our processes are highly responsive:
Our audit services team can also be an effective, fast choice for a number of non-M&A situations, including:
An audit services engagement is an efficient way to augment your staff for the initial scans and analysis to understand your use of open source and third-party components to ensure your IP compliance process up and running faster. Our services team will conduct the initial audits and ensure that the results are live in your system for immediate use. As the internal baselines proceed, we can also transfer information to your internal staff to ensure knowledge of system operation and analysis best practices.
An overview audit identifies the major open source and commercial components that make up a software development project. It uses some or all types of detection techniques, such as copyright detection, license detection, Java Namespace detection, exact file match to known open source content, email/URL detection and version detection.
A detailed audit is appropriate when the cost of accidental infringement is high or circumstances suggest that copyrights or license text may have been removed. A detailed audit expands the overview audit and makes extensive use of source code fingerprint analysis to identify partial matches, such as a cut-and-paste. Auditors are tasked to spend additional analysis time to fully explain the origin of evidence.
Learn why open source audits are necessary and best practices for open source software (oss) usage and technical due diligence.
Flexera's open source audit team can help you identify undeclared open source software and third party content for M&A, baselining and other due diligence events.