Today we're thrilled to announce a huge update to FOSSA's free plan: security, license compliance, and SBOM (software bill of materials) management are now all available for free, for up to 25 contributing developers and 5 projects. No catch, no strings attached. This is a major upgrade for our free users, who were previously limited to license compliance only.
Why are we doing this? Simple. We want to make it ridiculously easy for teams to secure their open source and experience FOSSA's world-class SCA (software composition analysis) and SBOM capabilities for themselves. No sales conversations. No proof of concept. Just sign up and go.
Buying is Hard
Open source is everywhere, as are its risks. This is well-understood by engineering and security teams today. But finding the right tools to manage these risks? That's been a real headache.
Small teams are stuck between a rock and a hard place, having to choose between:
- Difficult-to-maintain open source tools
- Expensive vendor solutions
Enterprise teams face a different challenge. They're drowning in demos and POCs (proofs of concept), spending months trying to figure out what solutions will actually work for them. But the controlled experience of a demo or POC often doesn't mirror the real-world implementation. This means that even after a lengthy evaluation process, teams might not have a complete picture of how a solution will perform in their environment.
It's Time for a Change
We believe robust open source security, comprehensive SBOM reporting, and streamlined license compliance should be accessible to all developer and security teams, not just those with deep pockets. And teams shouldn’t have to spend three months going through demos and POCs just to understand whether a solution will work in their actual work environment.
That’s why we expanded our free tier: to give small teams all the capabilities they need to get started, and help enterprise teams quickly and thoroughly evaluate all of FOSSA’s capabilities. This real-world trial provides a more accurate evaluation than any controlled demo ever could.
As a free FOSSA user, you can now:
- Find and Fix Open Source Vulnerabilities: See which vulnerabilities are impacting your projects, how to fix them, and which package upgrades will solve the most issues. FOSSA doesn’t just list the vulnerabilities — it enables you to remediate them effectively.
- Generate and Share SBOMs: SBOM isn’t just a buzzword anymore — it's a crucial part of modern software development. We make it easy to meet SBOM requirements from your customers and regulators. Generate, import, and share SBOMs faster than you can say "software dependencies."
- Automate License Compliance: Manually tracking open source licenses is about as fun as watching paint dry. That's why we've included automated license compliance in our free plan. Our built-in policies, created by open source legal experts, do the heavy lifting for you.
You're probably thinking, "What's the catch?" Well, prepare to be pleasantly surprised. This is not a free trial. There's no bait-and-switch. No scan limits. It's the real deal — free forever. A premium subscription is required for large organizations that have over 25 contributing developers or more than 5 projects. But we encourage even larger teams to start by signing up for a free account to help determine whether FOSSA is the right fit for your organization.
Getting Started
Software security is more critical than ever. We believe that basic tools for open source management shouldn't be a luxury — they should be standard issue. With FOSSA's new free plan, we're making that a reality.
Ready to take your open source security to the next level? Sign up for FOSSA's free plan today and start securing your software without breaking the bank.
Frequently Asked Questions
Is this really free, or is it a limited trial?
This is not a trial — it's a fully featured, permanent free tier. You can use it indefinitely without any time restrictions.
Do I need a credit card to sign up?
Nope.
What features are included in the free plan?
The free plan includes all of our core features: vulnerability detection and remediation, basic SBOM management, and automated license compliance. Review our pricing plans for a full breakdown of features.
Are there any usage limits on the free plan?
The free plan comes with unlimited scans, allows you to generate unlimited SBOM reports for up to 5 projects, and covers up to 25 contributing developers.
How do you define a code contributor?
We define a code contributor as a unique committer to any private repo that is actively running in FOSSA.
How does this free plan compare to FOSSA’s premium plans?
Our free plan gives access to all of our foundational capabilities, up to a limited number of projects and contributors. To scale your program to cover more code contributors or projects, upgrade to a premium account. Premium users also gain access to additional features and integrations. Review our pricing plans for a full breakdown of features.
Is support included with the free plan?
Yep. We include basic email support with all free plan subscriptions. Upgrade to premium to get dedicated support engineers and priority email support.
Is my code/data secure on the free plan?
Absolutely. When you use FOSSA CLI, your proprietary code never leaves your premises. FOSSA CLI outputs a list of dependencies, which FOSSA then analyzes. Review our documentation for more details.
Can I use this for commercial projects, or is it limited to personal/open source use?
FOSSA’s free plan can be used for commercial projects. We believe robust open source management should be accessible to all.
Can I integrate this with my CI/CD pipeline?
Yes, FOSSA supports integration with CI/CD tools like Jenkins, CircleCI, and others. For a full list and setup instructions, check out our documentation.
What programming languages and package managers are supported?
FOSSA supports a wide range of programming languages and package managers, including but not limited to Java, JavaScript, Python, Go, and Ruby. For a complete list, review our documentation.