tools to check/track (code) compliance

[Trevor Woerner]

Hello,

Let's say there's a company which employs ~50 developers who all work
independently. In other words nobody checks each and every line of
code committed each day. Let's say said company was very interested in
making sure their team of developers wasn't accidentally including
code into their product they weren't supposed to. Or, to put it
another way, let's say that if such outside code was being used as
part of their product that the company wanted to track it and be made
aware of it so they could properly comply with all such licenses.

One method of tracking such usage would be to ask all the developers
whether or not they were using code they didn't write themselves and
manually tracking all such instances. But it isn't hard to image how
that process could be error prone.

Another method might be to use a tool which analyses the code itself
(i.e. the code which is committed) looking for indications that the
code might be from somewhere else (e.g. different coding style,
copyright statements, license files, etc.).

Does anyone know if any such tool exists? I'm aware of the Black Duck
products (http://www.blackducksoftware.com) which sound like exactly
what I'm looking for, but was wondering if any other such tools
existed (for comparison purposes).

Thanks!