Integrates into your CI/CD pipeline for analysis and scans of your builds

Access FOSSA data via the public API

Export projects as SBOMs in .spdx format, based on current formatting standards and ready for public consumption

Event-driven callbacks to other applications

Organization-wide dashboard to triage issues across projects and teams

Inventory of all packages across your organization

Preset rules to identify common issues in your code

Optionally deploy FOSSA on to your own infrastructure

Bundle multiple projects to track as a group

Customizable rules to identify issues in your code based on your organizational needs

Scan and detect direct and indirect dependencies in your code

Identification of dependencies brought into your code via manually added dependencies

Ability to scan branches or tags in your repositories

Scan base container images for vulnerabilities (included with Security)

Depth level of your constructed dependency graph

Policy scans to identify compliance issues in your open source dependencies

Workflow to understand and remediate compliance issues

Customizable license reports with unlimited detail and depth

Organization-wide report on licenses and packages

Organization-wide report on issues and project changes

Issue scans to identify security issues in your open source dependencies

Workflow to understand and remediate security issues

Generate a project report of vulnerabilities found and remediated

Generate an organization report of vulnerabilities found and remediated

Audited log of actions taken by users

Access to SSO services such as Google, GitHub, etc.

Control over roles and permissions for all organizational users

Quick replies to your emails

White glove support, onboarding, feature roadmap priority and training services bundled into your FOSSA subscription

SLAs for support and escalation response times

Communicate directly with our team via a private Slack channel