Open Source Compliance and Security
Reinventing Open Source Compliance
How well do you know your software? FOSSID is a Software Composition Analysis tool that scans your code for open source licenses and vulnerabilities, and gives you full transparency and control of your software products and services.
Accurate Origins
FOSSID’s knowledge base contains the equivalent of more than 2 Petabytes of machine harvested source code from all the world’s known open source repositories.
Precise Results
FOSSID’s Artificial Intelligence facilitates the analysis effort by automatically eliminating false-positives and limiting manual post-processing efforts, saving time and money.
Ease of use
The FOSSID scanning and identification functionality is made availablethrough a web application or a CLI. Users can easily scan, audit, generate a variety of reports, and more.
Lightning Fast Scans
FOSSID’s revolutionary search engine allows for lightning fast scans (70 files/s), detecting and identifying open source components and licenses even if they are not declared in package manifests.
Seamless Integration
Incorporate FOSSID’s lightweight clients seamlessly into your development process, as stand-alone tools, or within your continuous integration environment.
Flexible Deployments
Deploy entirely within your own network, or through the FOSSID cloud service. Only digital signatures of your source code are used to query the knowledge base.
Innovate More with Open Source
Open source is the key to speed of innovation, productivity, quality, and growth in any technology company. It represents a competitive advantage when used correctly, but rapid evolution and proliferation often cause enterprises to struggle with due diligence and identification of open source components in a code base. FOSSID helps you to achieve maximum open source adoption effortlessly and securely.
Scan Your Software
A systematic process identifies free and open source in the source code base, and facilitates review and approvals steps.
Be in Control
Mitigate potential risks and security vulnerabilities by satisfying the discovered license obligations, and avoid costly litigations and intellectual property losses.
FOSSID CLI
The FOSSID CLI can be run on most operating systems (Windows, Linux, etc), and easily blends with customer processes and tool chains, and facilitates automation of repetitive or bulk tasks.
FOSSID Webapp
The FOSSID web application provides a graphical user interface for individuals or teams to conduct their open source software compliance and security activities, including audits.
FOSSID Open Source Audits
FOSSID’s team of experts performs “blind audits” without having to look at the source code, protecting your intellectual property and that of 3rd parties.