The typical construct for a big company to use is they get a technical expert from a completely different part of the company that has basically no stake in the group that is evaluating the acquisition to do the technical due diligence. This is where you see all of the secret sauce. Usually they picked someone that I won't have a problem saying no to anyone actually asking them for information.
However the real protection is in the details in the amount of work that actually has to happen to copy a company. I've done technical due diligence work before and I really wouldn't be able to replicate what I saw in a 6 hour code review of 30000 lines of code any faster than I could just coat it from scratch. the most part you're doing basically the same thing you would do on a security audit of code which is looking for intellectual property theft or the overall quality of the code and things like did one person maintain the entire thing or was it actually a team effort which helps you decide who you want to acquire from the company. generally the whole point of these deep investigations is to mitigate risk for the purchasing company not to steal ip.
At the end of one of those investigations you basically say yes it's risky no it's not this is who worked on it this is who didn't this is my estimate for how long it would take to pull into our code base or move over power systems or here is a flexible I think that could basis versus how much technical debt I think there is. but really all they want out of you is is this a risk to buy this company or does it seem straightforward. Then you go back to your completely unrelated arm of the company and do your actual job.
However the real protection is in the details in the amount of work that actually has to happen to copy a company. I've done technical due diligence work before and I really wouldn't be able to replicate what I saw in a 6 hour code review of 30000 lines of code any faster than I could just coat it from scratch. the most part you're doing basically the same thing you would do on a security audit of code which is looking for intellectual property theft or the overall quality of the code and things like did one person maintain the entire thing or was it actually a team effort which helps you decide who you want to acquire from the company. generally the whole point of these deep investigations is to mitigate risk for the purchasing company not to steal ip.
At the end of one of those investigations you basically say yes it's risky no it's not this is who worked on it this is who didn't this is my estimate for how long it would take to pull into our code base or move over power systems or here is a flexible I think that could basis versus how much technical debt I think there is. but really all they want out of you is is this a risk to buy this company or does it seem straightforward. Then you go back to your completely unrelated arm of the company and do your actual job.