.jpg)
UltraViolet Cyber, Inc., a leading tech-enabled managed security services provider, announced on September 4, 2025, the acquisition of Black Duck’s award-winning Application Security Testing (AST) services business. This strategic move, backed by Achieve Partners, significantly expands UltraViolet’s capabilities in application security, reinforcing its position as a trusted provider for commercial enterprises and federal agencies navigating the complexities of AI-generated code and modern software environments.
Acquisition: UltraViolet Cyber acquires Black Duck’s AST services, including penetration testing, red teaming, and secure software development consulting.
Strategic Impact: Enhances UltraViolet’s unified offensive and defensive security operations, addressing AI-driven code risks.
Commercial Partnership: Black Duck customers gain access to UltraViolet’s broader security capabilities; UltraViolet clients benefit from deeper AST integration.
Leadership Quotes: “This acquisition positions UltraViolet to help clients mitigate software risks before they become production issues,” said Ira Goldstein, CEO of UltraViolet Cyber.
Market Recognition: Black Duck’s AST services recognized in Gartner® Magic Quadrant™ for seven consecutive years.
Financial Backing: Achieve Partners served as the equity sponsor.
UltraViolet Cyber’s acquisition of Black Duck’s AST services integrates a robust suite of capabilities into its unified security operations portfolio, including:
Penetration Testing and Red Teaming: Simulates real-world attacks to identify vulnerabilities.
Threat Modeling: Assesses potential risks in software design.
Cloud and Container Risk Assessments: Ensures security in multi-cloud and containerized environments.
Architecture Risk Analysis: Identifies structural weaknesses in software systems.
Secure Software Development Consulting: Guides organizations in building resilient software.
Black Duck, recognized as a leader in the Gartner® Magic Quadrant™ for Application Security Testing for seven consecutive years, brings a trusted reputation for securing complex enterprise environments. The acquisition establishes a commercial partnership, allowing Black Duck customers to leverage UltraViolet’s offensive and defensive security capabilities while enabling UltraViolet clients to access advanced AST tools for earlier risk identification and reduced remediation costs. As Jason Schmitt, CEO of Black Duck, noted, “This move ensures that our customers will continue to receive industry-leading security testing services and unlocks greater scale, scope, and specialization.”
The acquisition addresses the growing challenge of securing AI-generated and open-source code, which often introduces vulnerabilities due to inconsistent quality. Ira Goldstein, CEO of UltraViolet Cyber, emphasized, “Building security in early, not bolting it on later, is essential to combating sophisticated threats.” By integrating Black Duck’s AST expertise, UltraViolet strengthens its ability to mitigate risks across multi-cloud workloads, DevSecOps pipelines, and containerized deployments, particularly for organizations in regulated sectors.
This move aligns with UltraViolet’s recent market momentum, as evidenced by its ranking in the top third of the 2025 Inc. 5000 list of fastest-growing private companies. The partnership with Black Duck also allows Black Duck to focus on its core software and SaaS business while UltraViolet scales its unified security model, as highlighted by Aanand Radia of Achieve Partners: “UltraViolet Cyber continues to lead the market in unifying offensive and defensive security operations under one model.”
The acquisition comes amid a surge in application security challenges, with 74% of organizations experiencing application-layer attacks in 2024, according to industry reports. The global AST market, valued at $1.2 billion in 2023, is projected to grow at a 15.3% CAGR through 2030, driven by the rise of AI-generated code and regulatory demands. UltraViolet’s integration of Black Duck’s services positions it to address these trends, competing with firms like Veracode and Checkmarx while leveraging its UV Lens platform for integrated security-as-a-service.
UltraViolet Cyber, headquartered in McLean, Virginia, is a leading tech-enabled managed security services provider, delivering expertise to Global 2000 and federal clients. Founded by national intelligence community experts, its UV Lens solution unifies offensive security, application security, detection, and response, eliminating operational silos.
Black Duck Software, Inc., formerly the Synopsys Software Integrity Group, offers a comprehensive portfolio of application security solutions, ensuring trust in software for regulated, AI-powered environments.
Achieve Partners invests in technologies and business models to enhance skill development and secure the future of work, fostering socioeconomic mobility.
TechIntelPro empowers B2B technology decision-makers with the latest industry trends, deep insights, leadership perspectives and actionable intelligence to drive both organizational and professional milestones—and thrive on the tech pulse.