Track | The Future of Open Source Business
Martin von Willebrand, Attorney at HH Partners Attorneys-at-law, Founder at Double Open Oy
Mindtrek Conference
3rd of October 2023.
Tampere, Finland
www.mindtrek.org
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
How open source empowers startups to start big, with case Double Open Oy
1. Starting big, enabled by open source
Martin von Willebrand, Founder
Mindtrek, 3.10.2023
2. https://www.doubleopen.org/
1. What is Double Open?
Service for software composition analysis (SCA) with open source tools
➢ Open source compliance (available now)
○ Analyze, download, scan, evaluate, report
➢ Software Bill of Materials (available now)
○ Analyze, download, scan, evaluate, report
➢ Vulnerability scanning (not yet)
2
3. https://www.doubleopen.org/
2. What is the delivery / business model?
● Open source tool that can be installed in-house and integrated into CI/CD
○ Available now - setup project required
○ Data via API - augments the tool with trusted data
■ Available now
■ Coming: free tier, registered tier, paid tier + pay-as-you-go, enterprise tier
○ Support tickets
● Full Software-as-a-Service offering with no in-house installations needed
○ Coming
3
4. https://www.doubleopen.org/
3. SCA Market
- Software composition analysis (SCA)
- Security analysis, open source compliance, sboms
- Cloud-based and on-premises solutions
- Total of ~1,5B annually, expected to grow to rapidly, forecasts to 4B@2025
- Synopsys 0,5B (of 5B)
- Veracode ? (0,5B of 6,5B)
- Mend 0,1B
- Currently typical revenue per client size 100-500k/year. One-off projects are
smaller.
- DO appraisal: current market players have mostly very large customers,
around ~2000-5000 continuous clients, and then one-off project customers on
top of that
4
5. https://www.doubleopen.org/
4. Market Opportunity for scalable SaaS/API SCA
- All businesses are becoming software driven
- IoT, cloud, automotive, healthcare, manufacturing, retail
- European Comission: 95% are using digital technologies
- Cyber Resilience Act will further drive growth for SCA
- Number of businesses in Europe: 23M (Eurostat 2022)
- 1,5M of the companies are larger than 10 persons.
- 150.000 are fast growing companies
- Internationally 10x
- Addressable market globally around 1,5M companies
- 100x+ of current SCA clientele
- 20.000 euro /year for 75.000 customers (5%) means 1,5B in revenue
5
6. https://www.doubleopen.org/
5. DO Value proposition for clients
● Services outcome for clients
○ Compliant software all the time, automated
○ Reduced manual work and costs, faster time to market
○ Higher productivity, clear process to solve arising questions
○ Tech and legal issues solved in tandem
○ Minimized risk & increased and confidendent OSS usage
○ Growing OSS competence
● Services
○ Open source tooling as SaaS or on-premises
○ License data, tech curation etc. over API
○ Tech and legal support services for
■ Projects for taking the tools and improved processes into use
■ Solving tickets in using the processes and tools
6
OSS quality with
license compliance,
without vulnerabilities
Automate,
because you
can!
7. https://www.doubleopen.org/
Customer testimonials
Petteri Kivimäki, CTO, Nordic Institute for Interoperability Solutions, NIIS:
“With the help of Double Open, our third-party open-source component usage is now compliant all
the time, and we have significantly reduced both the time needed in open-source compliance and
the related administrative headaches.”
7
8. https://www.doubleopen.org/
6. Where is DO now?
- Background in open source compliance collaboration at HH Partners.
Spinned off to own company, Double Open Oy, August/September 2023
- Pilot references from Vaisala, NIIS (and Validos members)
- Existing revenue
- Many collaboration partners, multiple leads in Finland, Sweden, Germany etc.
- Two sw developers, CEO deal pending, operative advisors, strategic partner
- Pre-seed funding of about 150k (not closed)
- How can we be so far already now?
8
9. https://www.doubleopen.org/
7. Open source building blocks
- ORT:
- “A suite of tools to automate software compliance checks.”
- Adopters such as Bosch, HERE Technologies, Porsche
- Attempts to cover the whole process
- ScanCode Toolkit
9
11. https://www.doubleopen.org/
8. Double open business model analysis
Value: Automated and integrated software compliance
Rare: High quality compliance data API
Inimitability: Compliance data creation via curation service, co-creation in
curation, reinforced by brand
Organized: SaaS and API management
Open everything we can, to maximise demand for our API.
11
12. https://www.doubleopen.org/
9. What’s in open source business models?
● Search for a scalable open source business model
○ Key business is not in hours or projects sold
● Focus on value created at client. Look beyond your software offering.
○ Software is always part of a process at the client. The client needs also other services.
○ Google open sourced a lot, but it’s business is in data, data understanding and leverage.
○ Red Hat is reasonably pure open source, but makes its business on signed and certified
binaries.
● Do not focus on software installation, or delivery projects, or customization
projects. May be required, but better to off-load to others.
● Brand? Data? Community? Add-ons by third parties?
Open everything you can to maximise demand for your scalable service.
12