Black Duck Forms Security Advisory Board, Adds Research and Data-Mining Group

Press Release | Black Duck | May 5, 2016

Investments in security expertise and innovative research fuel continuous improvement of market-leading open source security and management solutions

BURLINGTON, Mass.--(BUSINESS WIRE)--Black Duck, the global leader in automated solutions for securing and managing open source software, today announced strategic initiatives to add security expertise and strengthen its research and innovation capabilities.

The company has created a five-member Security Advisory Board comprising experienced security executives, and has launched Black Duck Research, a Vancouver-based, applied-research group focused on data mining, machine learning, natural language processing, big data management and analytics, and software quality.

“Our highest priority is delivering open source security solutions that address the market’s biggest challenges. Doing that requires a deep understanding of our customers’ needs and the obstacles they face. It’s also essential that the solutions we bring to market are underpinned by state-of-the-art research,” said Black Duck CEO Lou Shipley.

“We’re very pleased that we’ve attracted Security Advisory Board members with impeccable security credentials. Their security knowledge and insights will be invaluable, and the addition of top-flight research talent will enable us to continue our leadership in providing the most comprehensive open source information,” he said.

Black Duck Chief Technology Officer Bill Ledingham said Baljeet Malhotra, Vice President of Research, will head the Vancouver group. Malhotra holds a Ph.D. in Computing Science with specialization in Data Management and joins Black Duck from SAP where he was Research Director, Internet of Things (IoT) Standards.

“Given the continuing rapid growth of open source use worldwide, we believe it is critical that we apply the latest in big-data and machine-learning technologies to do the most thorough job in tracking and managing open source. This will ensure that we have the best possible data-management solutions to help our customers and partners use open source software and services in the most secure, compliant and reliable way,” said Ledingham.

Black Duck Research comprises award-winning computer and data scientists, innovators and Ph.D. and Master’s students, who are advised by software industry veterans and faculty members from premier institutes/universities in the U.S. and Canada.

Black Duck’s Security Advisory Board members:

Selim Aissi, Ph.D. is the Chief Security Officer at Ellie Mae (NYSE:ELLI), the mortgage-software platform that processes almost a quarter of U.S. mortgage applications. Previously, he was Vice President of Global Information Security at VISA and Chief Security Architect at Intel.

He has more than two decades of computer industry and security innovation experience, and has been named by IT Security magazine as one of the "Top 59 Most Influential Security Experts." Through his career, Dr. Aissi filed over 100 patent applications, most of which have been granted by the United States Patent and Trademark Office (USPTO), and co-authored the book "Security for Mobile Networks and Platforms."

Michael Coates is the Trust and Information Security Officer at Twitter (NYSE:TWTR), the online social networking service. He leads Twitter’s security program across all elements of information security. Coates is also the former chairman and a current member of the global board of directors for OWASP, the largest open source application security community.

Previously, he was the Director of Product Security at Shape, where he led initiatives to change the way organizations defend their applications against modern application attacks.

Edna Conway is the Chief Security Officer for Global Value Chain at Cisco (NASDAQ: CSCO). She develops and oversees the deployment of Cisco’s strategy to assess, monitor and continuously improve the security of its global value chain. Cisco's Value Chain Security Program spans its Engineering, Services, Supply Chain Operations and Worldwide Partner organizations. In addition, Ms. Conway drives Cisco’s cyber and security protection plan throughout its third-party ecosystem.

She serves or has served on the company’s Cyber-Security Board, Risk and Resiliency Operating Committee and Global Compliance Governance Committee. Ms. Conway was named Chief Security Officer of the Year by Info Security Products Guide at the 2016 RSA Conference and is a Connected Worldmagazine2016 “Woman of M2M.”

Steve Hunt, head of Chicago-based Hunt Business Intelligence, is a cybersecurity and risk management executive whose expertise includes strategy and leadership to emerging technologies and engineering. He is an adviser to executives, investors and entrepreneurs. He advises CISOs and plays interim CISO roles.

A sought-after speaker, Hunt has delivered 75 keynote and special session presentations on Enterprise Security, Information Risk and Global Information Security Trends at business and security conferences around the world. Previously he was Director of Neohapsis, a security consultancy acquired by Cisco, and was VP for Security & Risk Management at Forrester.

Gary McGraw, Ph.D. is the Chief Technology Officer of Cigital, Inc., one of the world’s largest software security services and technology firms. He is a globally recognized authority on software security and the author of eight best-selling books on the topic. His dual Ph.D. is in Cognitive Science and Computer Science from Indiana University, where he serves on the Dean’s Advisory Council for the School of Informatics. He served on the IEEE Computer Society Board of Governors and produces the monthly Silver Bullet Security Podcast for IEEE Security & Privacy magazine.

McGraw is editor of the Addison-Wesley Software Security series and has written more than 100 peer-reviewed scientific publications. He authors a monthly security column for SearchSecurity and is frequently quoted in the media.

About Black Duck Software

Organizations worldwide use Black Duck Software’s industry-leading products to automate the processes of securing and managing open source software, eliminating the pain related to security vulnerabilities, open source license compliance and operational risk. Black Duck is headquartered in Burlington, MA, and has offices in San Jose, CA, London, Frankfurt, Hong Kong, Tokyo, Seoul and Beijing. For more information, visit

Media Contacts:

Black Duck
Brian Carter, 508-277-7570
Director of Strategic Communications
[email protected]
PAN Communications
Michael O’Connell/ Tiffany Darmetko
[email protected]