TrustRadius

Overview

What is FOSSA?

FOSSA is a software composition analysis tool that continuously scans for open-source components and tracks dependencies and license compliance.

Pricing

N/A
Unavailable

Entry-level set up fee?

  • No setup fee

Offerings

  • Free Trial
  • Free/Freemium Version
  • Premium Consulting/Integration Services

Alternatives Pricing

What is JFrog Security (Xray)?

JFrog Security Essentials / Xray SCA can be used to discover and eliminate unwanted or unexpected packages, using JFrog’s database of identified malicious packages. It is presented as a DevOps-centric SCA solution for identifying and resolving security vulnerabilities and license compliance issues…

Product Details

FOSSA Technical Details

Operating Systems: Unspecified
Mobile Application: No
Reviews and Ratings

(2)

Community Insights

TrustRadius Insights are summaries of user sentiment data from TrustRadius reviews and, when necessary, 3rd-party data sources.

FOSSA is a software solution that solves several key business problems related to open-source compliance and license management. Users have found that implementing FOSSA into their development workflow has not only ensured compliance and avoided legal issues in distributing software but has also freed up valuable time previously spent on manual compliance checks. By seamlessly integrating with the development workflow, FOSSA drives open-source brilliance by providing excellent quality of service and a smooth user experience.

One of the main use cases where FOSSA proves invaluable is for Node developers who heavily rely on npm packages. FOSSA simplifies the process of reading and ensuring compliance with licensing requirements for software projects with numerous dependencies. It identifies the main dependencies that need to be checked for legal compliance, providing risk management and a sense of security. This streamlines the development process by eliminating the need for tedious manual checks and reduces the risk of inadvertently using non-compliant open-source components.

Another significant problem solved by FOSSA is the ability to quickly scan components and generate simple reports. These reports not only identify licensing issues but also perform vulnerability testing, allowing users to address code loopholes and improve overall code quality. With FOSSA's automatic scanning feature, which can be linked to GitHub, every push triggers a scan with incredible speed, further enhancing efficiency and ensuring that potential vulnerabilities are addressed promptly.

Overall, FOSSA's reliable and time-saving features alleviate risk, ensure security, and simplify open-source compliance for businesses. Its intuitive interface makes it easy for new users to navigate, while its comprehensive scanning capabilities provide actionable insights for identifying and addressing licensing and code quality issues. Whether it's managing dependencies or improving overall code security, FOSSA helps businesses maintain oversight over their software licenses while streamlining their development processes.

Comprehensive and Detailed Evaluations: Several users have praised FOSSA for its highly comprehensive and detailed evaluations, which provide prompt information as required.

Effective Security Management Toolkit: Users have commended FOSSA's security management toolkit for its ability to alert enterprises of any risks related to known vulnerabilities and license management in open-source code. This feature has been particularly helpful in reducing the time needed to identify open-source licensing issues.

User-Friendly Interface and Integration: FOSSA's user interface has received positive feedback from users, who describe it as clean and user-friendly. It makes it easy to see all the different dependencies, their licenses, and the necessary actions to ensure compliance. Additionally, users appreciate how easily FOSSA integrates with various CI/CD platforms like Jenkins, GitLab, Bamboo, and GitHub, allowing them to seamlessly incorporate it into their existing workflows.

Sluggish Interface and Slow Scan Speeds: Some users have expressed dissatisfaction with the performance of FOSSA, noting that the application's interface is sluggish and scan speeds are slow. These issues need improvement to provide a smoother user experience.

Confusing User Interface for New Users: Several reviewers have mentioned that the user interface of FOSSA can be confusing, particularly for new users. They feel that the interface loads slowly and may require some time to understand its navigation and functionality.

Difficulty in Understanding Flagged Issues: A number of users have found it challenging to understand the flagged issues provided by FOSSA. They mention that some flagged dependencies have unclear resolutions, requiring manual review and making it difficult for non-experts to comprehend and resolve them effectively.

Reviews

(1-1 of 1)
FOSSA - The future of license scanning

Rating: 5 out of 10
December 02, 2019
Verified User
Vetted Review
FOSSA
1 year of experience
I use FOSSA to scan the licenses of software I use for a side-project of mine. Overall the automated scans and emails work great! It is nice to have the peace of mind that the licenses used to create our software are all above board and cleared for redistribution/re-use. We link it to GitHub, so every push gets scanned by FOSSA as part of our quality control process.
  • Setup of tool.
  • Speed of scans.
  • Automated emails with reports.
The only issue we have had is sometimes the web app is too slow, and that causes issues with us wanting to continue to use FOSSA over going with another tool. That is the only problem. I noticed it happened more recently, but if that is solved now or will be solved, I would 100% recommend this tool to anyone!
  • Hard to measure the ROI, but no doubt having licenses be above board is fantastic for protection of your software.
  • Caused developers to make more informed decisions.
BlackDuck and Snyk
Never needed support but the chat and help seem forefront of the app!