TrustRadius: an HG Insights company

FossID Workbench

Get a Demo

What is FossID Workbench?


FossID supports software auditing and compliance. FossID’s Software Composition Analysis (SCA) tool, Workbench, and professional services are designed to ensure comprehensive open source compliance and security in software development.


Software Composition Analysis (SCA)

FossID Workbench enables precise identification of open source components and vulnerabilities. It integrates into software development cycles, providing license recognition, proactive security checks, and detailed compliance reporting. FossID Workbench is available across various industries, and helps to ensure that organizations can confidently meet their legal, security, and operational needs in open source software management.


  • Comprehensive Scanning
    Creates a thorough and complete softwarebill of materials that catalogs all open source in use, regardless of how it made its way into the codebase.
  • Detailed Reporting
    Ensures distribution compliance by generating reports, notices files, and copyright statements.
  • Integration & Extensibility
    Features custom workflows, performing administrative tasks, generating reports, and more with the API.
  • Governance & Administration
    Provides granular visibility and access to different teams and roles with robust RBAC.
  • Flexible Deployment
    FossID Workbench is available either On-Prem or with Hybrid Deployment

Categories & Use Cases

Media

Screenshot of a scan of repositories that detects all Free and Open Source Software (FOSS) from complete components, packages, and libraries to small snippets of open source.
Screenshot of a Software Bill of Materials (SBOMs). FossID Workbench can automatically export and import Software Package Data Exchange (SPDX) reports containing license text, copyright statements, vulnerabilities and even snippet level information.
Screenshot of a presentation of license-related risks in software that helps to remain compliant. Workbench detects over 2000 different licenses encountered overed years of open source auditing from strong/weak copyleft to the most obscure source-available and non-commercial licenses. Workbench helps users to understand all license related risks that could affect your products and services.
Screenshot of Workbench’s comprehensive policy management that can prevent usage of strong/weak copyleft or source-available software licenses in products and services.
Screenshot of VulnSnippet Finder: Snippet detection for vulnerable open source snippets. FossID’s Knowledge Base snippet detection capabilities include special detection of vulnerable open source snippets. While most security scanners assume open source vulnerabilities based on component and version, VulnSnippet Finder bases its search on the exact lines of code/snippets that make software vulnerable.

1 / 5

Screenshot of a scan of repositories that detects all Free and Open Source Software (FOSS) from complete components, packages, and libraries to small snippets of open source.

Most Frequent Users

Top 3 industries using FossID Workbench
Based on HG Insights installation data
View all Reviews
#1 most frequent

Professional, Scientific, and Technical Services

33.3%

3 installations of 9

#2 most frequent

Manufacturing

33.3%

3 installations of 9

#3 most frequent

Information

22.2%

2 installations of 9

Related Products

Products similar to FossID Workbench that may also meet your needs.
All comparisons
Black Duck Software Composition Analysis (SCA)
CompareLearn more
Veracode
CompareLearn more
Revenera Compliance Intelligence
CompareLearn more
Mend SCA
CompareLearn more
FOSSA
CompareLearn more
Snyk
CompareLearn more