
Software Composition Analysis

A collection of 38 posts

Software Composition Analysis

How Applause Makes Open Source Management Work for Developers

See how Applause has built developer-friendly open source license compliance and security programs with a significant assist from FOSSA.

  • FOSSA Editorial Team
5 min read
Software Composition Analysis

Highlights from NIST SP 800-161r1: Cybersecurity Supply Chain Risk Management

See key themes and insights from NIST SP 800-161r1: “Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations.”

  • FOSSA Editorial Team
6 min read
Software Composition Analysis

Best Practices for Implementing Software Composition Analysis, Featuring Rancher Labs

Rancher Labs Senior Engineering Manager Hayden Barnes shares four strategies to help ensure a successful software composition analysis implementation.

  • Hayden Barnes
5 min read
Software Composition Analysis

4 Reasons Rancher Labs Chose FOSSA

See why Kubernetes management company Rancher Labs (part of SUSE) chose FOSSA to reduce open source license compliance and vulnerability risk.

  • FOSSA Editorial Team
5 min read
Software Composition Analysis

Building a Sustainable Software Supply Chain

OpenChain GM Shane Coughlan discusses indicators of sustainable software and specific steps your organization can take to improve security.

  • Shane Coughlan
10 min read
Inside FOSSA

Announcing New Support for C/C++ Scanning, SBOMs

FOSSA has released new features that enable C/C++ dependency scanning and make it easier for organizations to generate SBOMs.

  • Gauthami Polasani
2 min read
Software Composition Analysis

How FOSSA Addresses Challenges Scanning C/C++ Code

Get an overview of challenges with scanning and identifying dependencies in C/C++ code, and see how FOSSA addresses these issues.

  • FOSSA Editorial Team
6 min read
Open Source in the News

6 Takeaways from the Linux Foundation's SBOM Report

A new report from the Linux Foundation contains a treasure trove of data on industry attitudes toward SBOMs and software supply chain security.

  • FOSSA Editorial Team
5 min read
Open Source Vulnerability Management

React Security: How to Fix Common Vulnerabilities

Explore several common vulnerabilities that impact React component libraries and see how to remediate them.

  • Gaya Dissanayake
4 min read
Software Composition Analysis

5 Must-Have DevSecOps Tools

Software composition analysis, static application security testing, and issue tracking software are examples of mission-critical DevSecOps tools.

  • FOSSA Editorial Team
4 min read
Software Composition Analysis

4 Key Elements of Technical Due Diligence

Explore key areas of conducting technical due diligence, including auditing third-party software usage and evaluating protections on intellectual property.

  • FOSSA Editorial Team
5 min read
Software Composition Analysis

Q and A: Software Bill of Materials and FOSSA

Get answers to frequently asked questions about using FOSSA to generate a software bill of materials.

  • FOSSA Editorial Team
6 min read
Open Source Vulnerability Management

Anatomy of a Software Supply Chain Attack

Software supply chain attacks are an increasingly common and dangerous type of cyberattack. Here's how to defend against them.

  • Matthew Schwartz
6 min read
Software Composition Analysis

How to Generate a Software Bill of Materials with FOSSA

See how your organization can use FOSSA to generate a comprehensive software bill of materials in a few easy steps.

  • Deepak Mehta
5 min read
Open Source in the News

bouk/monkey and the Importance of Knowing Your Dependencies

A recent news item involving the bouk/monkey open source program shows why it's so important for organizations to have visibility into their dependencies.

  • FOSSA Editorial Team
4 min read
Software Composition Analysis

3 Best Practices for OSS Management in the Automotive Industry

Experts share tips and strategies to help automotive organizations improve their open source management programs.

  • FOSSA Editorial Team
5 min read
Inside FOSSA

FOSSA Product Updates: August 2021

FOSSA has launched several new features, including container scanning, analysis target configuration, expanded language support, and more.

  • Gauthami Polasani
2 min read
Inside FOSSA

FOSSA Receives Highest Scores Possible in License Risk Management, SBOM Criteria in Forrester Wave

FOSSA was the only vendor to earn the highest possible score in both the SBOM and License Risk Management criteria.

  • FOSSA Editorial Team
2 min read
Inside FOSSA

Announcing FOSSA Container Scanning

We're excited to introduce FOSSA Container Scanning, which will help organizations reduce compliance and security risk in their container images.

  • Gauthami Polasani
1 min read
Software Composition Analysis

The Minimum Required Elements of a Software Bill of Materials

As part of its new cybersecurity executive order, the U.S. federal government released the minimum required elements for a software bill of materials.

  • FOSSA Editorial Team
5 min read
Open Source Vulnerability Management

Container Image Security and Vulnerability Scanning

Get an overview of today's container image security landscape, including common attack vectors and the importance of vulnerability scanning.

  • FOSSA Editorial Team
7 min read
Open Source Vulnerability Management

All About CWE-79: Cross-Site Scripting

CWE-79: Cross-Site Scripting (XSS) is one of today's most commonly found vulnerabilities. Here's a look at different types of XSS attacks and how to stop them.

  • FOSSA Editorial Team
6 min read
Open Source in the News

Cybersecurity Executive Order and Software Supply Chain Security

See our top takeaways from the software supply chain security section of the Biden Administration's cybersecurity executive order.

  • FOSSA Editorial Team
6 min read
Software Composition Analysis

IT Central Station: What Makes for an Effective SCA Solution

Enterprise technology review site IT Central Station shares insight from software composition analysis (SCA) users on the elements of an effective SCA solution.

  • IT Central Station
3 min read
Software Composition Analysis

Software Bill Of Materials: Formats, Use Cases, and Tools

A software bill of materials (SBOM) plays an important role in everything from application security to OSS license compliance.

  • FOSSA Editorial Team
8 min read
  • For the Love of Open Source © 2023 FOSSA, Inc.