UltraViolet Cyber Acquires Black Duck’s Application Security Testing Services Business

Acquisition establishes new scale for the fast-growing unified security operations provider’s application security testing capabilities.

McLean, VA — September 4, 2025 – UltraViolet Cyber, Inc. (“UltraViolet”), a global leader in unified offensive and defensive cybersecurity services, today announced the acquisition of Black Duck’s award-winning Application Security Testing (AST) services business. This move significantly expands UltraViolet’s application security capabilities and strengthens its position as a trusted provider to both commercial enterprises and federal agencies.

Black Duck has been widely recognized for its leadership in the AST space, including seven consecutive years in the Gartner® Magic Quadrant™ for Application Security Testing. Through this acquisition, its AST services—including penetration testing, red teaming, threat modeling, cloud and container risk assessments, architecture risk analysis, and secure software development consulting—are now fully integrated into UltraViolet’s unified security operations portfolio. These expanded capabilities strengthen UltraViolet’s ability to assess modern, distributed environments across multi-cloud workloads, DevSecOps pipelines, and containerized deployments. For organizations adopting AI-generated code, building on open-source stacks, or operating in highly regulated sectors, this enables earlier risk identification, reduced remediation costs, and the development of more resilient, secure software delivered at speed.

“Building security in early, not bolting it on later, is essential to combating sophisticated threats,” said Ira Goldstein, CEO of UltraViolet Cyber. “Black Duck has long been trusted by some of the world’s most complex enterprises. Their reputation for excellence in application security testing, combined with UltraViolet’s offensive and defensive capabilities, gives our clients a force-multiplier in protecting what matters most.”

UltraViolet’s investment in AST reflects a growing reality: the volume of AI-generated code is exploding, and the quality of code in production consistently falls short. The result is a compounding application security challenge echoed by CISOs, federal agencies, and security leaders across industries. By bringing Black Duck’s capabilities into its offensive portfolio, the acquisition positions UltraViolet to help both public- and private-sector clients mitigate software risks before they become production issues and bolsters UltraViolet’s position as an emerging AI security leader in the market.

“Black Duck’s broad and distinguished portfolio of professional and managed services are highly complementary to UltraViolet’s offensive security offerings,” said Jason Schmitt, CEO of Black Duck. “This move ensures that our customers will continue to receive industry-leading security testing services and unlocks greater scale, scope, and specialization as part of UltraViolet’s unified security operations. Furthermore, our partnership with UltraViolet enables Black Duck to continue offering professional and managed services while doubling down on our core software and SaaS business.”

The acquisition also establishes a commercial partnership that extends the value of both organizations. Black Duck customers will continue to benefit from world-class application security testing services, now backed by UltraViolet’s broader offensive and defensive security capabilities. UltraViolet clients will gain access to integrated software capabilities that drive deeper visibility and protection earlier in the development lifecycle, enabling more continuous and proactive security outcomes across hybrid environments.

“UltraViolet Cyber continues to lead the market in unifying offensive and defensive security operations under one model,” said Aanand Radia of Achieve Partners, which served as the equity sponsor in the acquisition. “This acquisition will play a critical role in ensuring that UltraViolet remains at the leading edge of helping organizations operate at the speed of the adversary, not behind it.”

Reinforcing the company’s significant market momentum within the commercial and public sectors, UltraViolet was recently named to the annual Inc. 5000 list. UltraViolet is among the top third of companies in the nation’s most prestigious ranking of the fastest-growing private companies.

Media Inquiries:
W2 Communications for UltraViolet Cyber
ultraviolet@w2comm.com