Open Source Compliance and Security

Reinventing Open Source Compliance

How well do you know your software? FossID is a Software Composition Analysis tool that scans your code for open source licenses and vulnerabilities, and gives you full transparency and control of your software products and services.

Open Source Compliance & Security

FossID’s tools integrate into your development process and detect and identify pieces of Free and Open Source Software (FOSS) in your code base, down to the smallest code snippet. FossID uncovers license obligations and compliance issues so that you can focus on creating great products.


Open Source Audits

FossID’s audit services provide accurate and timely open source analyses under the highest confidentiality, perfect for technical due diligence, M&A transactions, supplier audits, and more. Get a complete software bill of materials with dependencies, security vulnerabilities and more now!


OpenChain Post-ISO - Global Implementation Across Multiple Sectors?

Join FossID and OpenChain for a “State of the union” webinar on the OpenChain ISO standard, and discuss how standards help create business value. You will learn how the standard can be implemented in any organization, how the community has accepted it so far, and how Sourcing departments leverage strategic value creation in the supply chain based on standards fulfillment.

FossID Product Update January 2021

We just launched a new product version of the FossID Software Composition Analysis tool for the enterprise. Apart from a few bug fixes it includes...

Using Artificial Intelligence in Open Source Audits

Open source auditing is a tedious process, where the auditor must produce a “bill of materials” (BoM) listing all the open source components used...

Interview with Ibrahim Haddad on Software Composition Analysis Tools

Ibrahim Haddad is a well-known profile in the global open source community. His career started in the late nineties as a software developer focusing...

Guaranteed COVID-19-free due diligence with FossID

COVID-19 has had a great impact on M&A transactions and technical due diligence. Not only on the volume itself, but in the way that they are...

Datasheet - FossID Software Composition Analysis (SCA) Tools

How well do you know your software? FossID provides Software Composition Analysis tools that scan your code for open source licenses and vulnerabilities, and give you full transparency and control of your software products and services.

Datasheet - The FossID vulnerable snippet finder

The FossID vulnerability snippet finder takes open source vulnerability detection to new levels. It detects and identifies the actual lines of code that introduce vulnerabilities in open source and proprietary code!

Datasheet - FossID Open Source Audits for Mergers and Acquisitions

Due to security and privacy concerns surrounding M&A transactions, FossID has designed a “Blind Audit” – a unique ability to perform audits and generate reports without exposing the target source code.

Banking Use-Case

Case study of how a leading Asian bank is leveraging FossID’s technology to achieve business value through increased operational excellence while honoring standards fulfillment, software license compliance, and managing risk.

Home Electronics Use-case

Case study of a multinational home electronics company choosing FossID over competing vendors thanks to better usability, scan quality, APIs, and total economics.

Snippet-finding Use-case

Case study of how FossID powers BearingPoint’s FOSS compliance services, providing customers with in-depth analyses for their business decisions.

Curious to know what FossID can do to maximize your open source efficiency?