Learn how FOSSA's Dynamic SBOM Sharing feature facilitates the secure exchange of SBOMs between SBOM distributors and consumers.
Learn about FOSSA's Time-Based Ignore Rules, which help teams implement temporary exceptions to security, license compliance, and quality policies.
Learn about FOSSA's new Issue Diffs feature, which makes it easy to compare licensing, security, and quality issues between software versions.
Learn about PURL — the Package URL Specification — including its utility for SBOM management and how it compares to other unique identifiers.
See how FOSSA's hack week projects are already making a difference for our customers.
Introducing FOSSA Package Labels - a powerful way to annotate packages with contextual metadata, enabling more efficient and insightful reporting and filtering.
Learn about slopsquatting, an emerging category of software supply chain risk that can stem from AI coding tools.
FOSSA's new Binary Composition Analysis (BCA) product enables organizations to mange security, license compliance, and SBOMs for binary files.
An analysis of the CERT-In guidelines for building and managing an SBOM program, recommended data fields, automation support, and best practices.
An exploration of the importance of SBOMs in complying with the EU's Digital Operational Resilience Act (DORA), focusing on software tracking and monitoring requirements for financial entities.
Explore the new functionalities of FOSSA for managing SBOMs, vulnerabilities, and open source license compliance, including automated NOTICE file recreation and FDA compliance support.
FOSSA introduces a new business tier tailored for smaller teams, offering flexible pricing and comprehensive features for SBOM, vulnerability management, and license compliance.
Learn about FOSSA's new SBOM policy feature that helps enforce SBOM standards for compliance and security.
The U.S. Army has announced new SBOM requirements for contractors and subcontractors to improve software supply chain security. Learn about the implementation timeline, scope, and how to prepare.
This blog post explores the introduction of SBOM requirements in PCI DSS 4.0, detailing the specific requirements and timelines, and suggesting steps for organizations to prepare for the March 2025 enforcement date.
Explore how the CISA KEV Catalog aids organizations in vulnerability prioritization and learn about its evaluation process.
Discover how Sentry manages software license compliance through policies, processes, and automation using FOSSA's open source management platform.
SPDX 3.0 introduces new profiles for better use case targeting and flexibility. Major upgrades include changes in document structure, profiles, relationships, and creator information.
Explores the impact of recent U.S. Copyright Office decisions on generative AI, potential risks from open source licensing, and strategies to mitigate IP risk in software development.
Evaluate SBOM tools to enhance software bill of materials programs. Discover key criteria for selecting the right SBOM tools, including regulatory compliance, ecosystem support, and usability.
