Open Source Compliance and Security

Reinventing Open Source Compliance

How well do you know your software? FossID is a Software Composition Analysis tool that scans your code for open source licenses and vulnerabilities, and gives you full transparency and control of your software products and services.


Accurate Origins

FossID’s knowledge base contains the equivalent of more than 2 Petabytes of machine harvested source code from all the world’s known open source repositories.

Precise Results

FossID’s Artificial Intelligence facilitates the analysis effort by automatically eliminating false-positives and limiting manual post-processing efforts, saving time and money.

Ease of use

The FossID scanning and identification functionality is made availablethrough a web application or a CLI. Users can easily scan, audit, generate a variety of reports, and more.

Lightning Fast Scans

FossID’s revolutionary search engine allows for lightning fast scans (70 files/s), detecting and identifying open source components and licenses even if they are not declared in package manifests.

Seamless Integration

Incorporate FossID’s lightweight clients seamlessly into your development process, as stand-alone tools, or within your continuous integration environment.

Flexible Deployments

Deploy entirely within your own network, or through the FossID cloud service. Only digital signatures of your source code are used to query the knowledge base.

Innovate More with Open Source

Open source is the key to speed of innovation, productivity, quality, and growth in any technology company. It represents a competitive advantage when used correctly, but rapid evolution and proliferation often cause enterprises to struggle with due diligence and identification of open source components in a code base. FossID helps you to achieve maximum open source adoption effortlessly and securely.

Scan Your Software

A systematic process identifies free and open source in the source code base, and facilitates review and approvals steps.

Be in Control

Mitigate potential risks and security vulnerabilities by satisfying the discovered license obligations, and avoid costly litigations and intellectual property losses.


The FossID CLI can be run on most operating systems (Windows, Linux, etc), and easily blends with customer processes and tool chains, and facilitates automation of repetitive or bulk tasks.

FossID Webapp

The FossID web application provides a graphical user interface for individuals or teams to conduct their open source software compliance and security activities, including audits.

FossID Open Source Audits

FossID’s team of experts performs “blind audits” without having to look at the source code, protecting your intellectual property and that of 3rd parties.

Curious to know what FossID can do to maximize your open source efficiency?