Open Source Compliance and Security
Reinventing Open Source Compliance
How well do you know your software? FossID is a Software Composition Analysis tool that scans your code for open source licenses and vulnerabilities, and gives you full transparency and control of your software products and services.
FossID’s knowledge base contains the equivalent of more than 2 Petabytes of machine harvested source code from all the world’s known open source repositories.
FossID’s Artificial Intelligence facilitates the analysis effort by automatically eliminating false-positives and limiting manual post-processing efforts, saving time and money.
Ease of use
The FossID scanning and identification functionality is made availablethrough a web application or a CLI. Users can easily scan, audit, generate a variety of reports, and more.
Lightning Fast Scans
FossID’s revolutionary search engine allows for lightning fast scans (70 files/s), detecting and identifying open source components and licenses even if they are not declared in package manifests.
Incorporate FossID’s lightweight clients seamlessly into your development process, as stand-alone tools, or within your continuous integration environment.
Deploy entirely within your own network, or through the FossID cloud service. Only digital signatures of your source code are used to query the knowledge base.
Innovate More with Open Source
Open source is the key to speed of innovation, productivity, quality, and growth in any technology company. It represents a competitive advantage when used correctly, but rapid evolution and proliferation often cause enterprises to struggle with due diligence and identification of open source components in a code base. FossID helps you to achieve maximum open source adoption effortlessly and securely.
Scan Your Software
A systematic process identifies free and open source in the source code base, and facilitates review and approvals steps.
Be in Control
Mitigate potential risks and security vulnerabilities by satisfying the discovered license obligations, and avoid costly litigations and intellectual property losses.
The FossID CLI can be run on most operating systems (Windows, Linux, etc), and easily blends with customer processes and tool chains, and facilitates automation of repetitive or bulk tasks.