Letter to Black Duck Mailing List

January 2, 2007

Each year at this time I write a short summary and assessment of the past year at Black Duck Software, and include a forward-looking statement. The company sends this message out to everyone on our mailing list.

First, you should know that 2006 was a great year for the company. We greatly expanded bookings over 2005 and met or exceeded all of the company’s planned business metrics.

Black Duck matured as an organization as we navigated through the open source, software compliance and enterprise markets. By the end of the year, we grew to 60 employees and filled many essential marketing, sales, customer support and professional services functions. However, this growth resulted in the need for more space. So we moved to Winter Street in Waltham, MA late in the year – a welcome change.

During the year, we improved our communications with potential and established customers through the website, Webinars, trade shows, direct email and the like, including a monthly newsletter to our customers. We spoke at many, various events. In addition, I started writing a blog (a sometimes stimulating, sometimes curious experience).

In 2006, we engaged with thousands of people who wanted to know more about their code. We added 90 new customers during the year. We now have many customers in the Software 100, Fortune 500, and Global 500. protexIP was used extensively in M&A transactions by Black Duck and third party professional services in engagements involving software compliance, systems integration and other interesting applications. We trained users all over the world. We added resellers in Australia, Korea, the UK and Israel. We renewed and reinforced our distribution relationship with SIOS (formerly known as 10Art-Ni), our Japanese reseller.

During the course of 2006, we added some great new talent to both the executive staff and extended management team to help bring our vision to a wider audience and extend the role of our products to meet the global interests of our customers. We released protexIP 4.0, catapulting us further into a technology leadership position. We also produced a fully documented SDK for protexIP 4.0. We introduced exportIP – an export compliance product that detects encryption and cryptography for export compliance management for software and software-based products. In addition to all that engineering activity, in December, we released the Rational-Eclipse protexIP pluggin and expanded our partnership with IBM. It is important to note that all of our product releases had significant input from customers.

Finally, during 2006 we were recognized extensively by the industry. We won the Red Herring 100 North America and C33C Expo Best of Show awards and received many other nominations. We are now recognized as one of the top open source brands. Last fall we introduced the Compliance Vanguard Partnership which included ten key OSS industry companies.

In 2007, we expect to expand Black Duck’s markets not only domestically, but globally too. In order to do so, we will improve and expand our partnerships and reseller relationships, and continue to take in more data from our customers and the market. Shortly after GPL 3.0 is made available by the FSF, we will deliver a new release of protexIP that distinguishes GPL 3.0 code from GPL 2.0 and other open source code. We will also improve our protexIP/OnDemand offering and release two (and possibly three) new products this year. Innovation has been the cornerstone of our success in the past; we will maintain our pace of innovation this year and into the future.

You should know that Michael Goulde of the Forrester Group will host a Black Duck webinar on Tuesday, January 9, 2007 at 2:00 pm (EST). He will speak about the growing use of open source and the implications that this growth has for both software vendors and enterprises. To register click here:

I hope this note was informative. I also hope to meet you in person during 2007 and learn about your interests and how Black Duck Software can serve your software compliance needs.

We look forward to working with you closely in 2007 and wish you the very best for the New Year.

Sincerely,

Doug

Douglas A. Levin