Open Source Compliance and Security

Reinventing Open Source Compliance

How well do you know your software? FossID is a Software Composition Analysis tool that scans your code for open source licenses and vulnerabilities, and gives you full transparency and control of your software products and services.

Open Source Compliance & Security

FossID’s tools integrate into your development process and detect and identify pieces of Free and Open Source Software (FOSS) in your code base, down to the smallest code snippet. FossID uncovers license obligations and compliance issues so that you can focus on creating great products.


Open Source Audits

FossID’s audit services provide accurate and timely open source analyses under the highest confidentiality, perfect for technical due diligence, M&A transactions, supplier audits, and more. Get a complete software bill of materials with dependencies, security vulnerabilities and more now!


OpenChain Post-ISO - Global Implementation Across Multiple Sectors?

Join FossID and OpenChain for a “State of the union” webinar on the OpenChain ISO standard, and discuss how standards help create business value. You will learn how the standard can be implemented in any organization, how the community has accepted it so far, and how Sourcing departments leverage strategic value creation in the supply chain based on standards fulfillment.

Interview with Ibrahim Haddad on Software Composition Analysis Tools

Ibrahim Haddad is a well-known profile in the global open source community. His career started in the late nineties as a software developer...

Guaranteed COVID-19-free due diligence with FossID

COVID-19 has had a great impact on M&A transactions and technical due diligence. Not only on the volume itself, but in the way that they are...

Leveraging ORT from a commercial code scanner

FossID and OSS Review Toolkit (ORT) have recently started a collaboration to integrate ORT into FossID and make the FossID scanner available as a...

The top reasons why knowledge base size matters

A key to useful and accurate open source compliance and security is a powerful software analysis tool, relying on a comprehensive knowledge base....

Datasheet - FossID Software Composition Analysis (SCA) Tools

How well do you know your software? FossID provides Software Composition Analysis tools that scan your code for open source licenses and vulnerabilities, and give you full transparency and control of your software products and services.

Datasheet - The FossID vulnerable snippet finder

The FossID vulnerability snippet finder takes open source vulnerability detection to new levels. It detects and identifies the actual lines of code that introduce vulnerabilities in open source and proprietary code!

Datasheet - FossID Open Source Audits for Mergers and Acquisitions

Due to security and privacy concerns surrounding M&A transactions, FossID has designed a “Blind Audit” – a unique ability to perform audits and generate reports without exposing the target source code.

Banking Use-Case

Case study of how a leading Asian bank is leveraging FossID’s technology to achieve business value through increased operational excellence while honoring standards fulfillment, software license compliance, and managing risk.

Home Electronics Use-case

Case study of a multinational home electronics company choosing FossID over competing vendors thanks to better usability, scan quality, APIs, and total economics.

Snippet-finding Use-case

Case study of how FossID powers BearingPoint’s FOSS compliance services, providing customers with in-depth analyses for their business decisions.

Curious to know what FossID can do to maximize your open source efficiency?