Projects
5
Unlimited
Unlimited
Continuous monitoring
Integrates into your CI/CD pipeline for analysis and scans of your builds
API support
Access FOSSA data via the public API
SBOM/attribution with SPDX support
Export projects as SBOMs in .spdx format, based on current formatting standards and ready for public consumption
Webhooks
Event-driven callbacks to other applications
Issue dashboard
Organization-wide dashboard to triage issues across projects and teams
Global component bundle
Inventory of all packages across your organization
Default policies
Preset rules to identify common issues in your code
On-prem
Optionally deploy FOSSA onto your own infrastructure
Release Groups
Bundle multiple projects to track as a group
Customizable policies
Customizable rules to identify issues in your code based on your organizational needs
Source code scanning
Scan and detect direct and indirect dependencies in your code
Deep Dependency discovery
Identification of dependencies brought into your code via manually added dependencies
Branch/tag scanning
Ability to scan branches or tags in your repositories
Container scanning
Scan base container images for vulnerabilities (included with Security)
Included with Security
Included with Security
Scan depth levels
Depth level of your constructed dependency graph
5
Unlimited
Unlimited
Compliance Identification
Policy scans to identify compliance issues in your open source dependencies
Compliance Management
Workflow to understand and remediate compliance issues
Project Compliance Report
Customizable license reports with unlimited detail and depth
Direct Dependencies Only
Organization License & Package Report
Organization-wide report on licenses and packages
Audit/Due Diligence Report
Organization-wide report on issues and project changes
Vulnerability Identification
Issue scans to identify security issues in your open source dependencies
Included with Security
Included with Security
Vulnerability Management
Workflow to understand and remediate security issues
Included with Security
Included with Security
Vulnerability Report
Generate a project report of vulnerabilities found and remediated
Included with Security
Included with Security
Organization Vulnerability Report
Generate an organization report of vulnerabilities found and remediated
Included with Security
Included with Security
Audit Logs
Audited log of actions taken by users
Single Sign-On (SSO)
Access to SSO services such as Google, GitHub, etc.
Role-Based Access Control (RBAC)
Control over roles and permissions for all organizational users
Priority Email
Quick replies to your emails
Onboarding and support
White glove support, onboarding, feature roadmap priority and training services bundled into your FOSSA subscription
Technical Service Level Agreements (SLAs)
SLAs for support and escalation response times
Dedicated Slack channel
Communicate directly with our team via a private Slack channel
Basic
Basic
Premium
We track unique committers to private repos that are actively running in FOSSA with no limit on repo count. You can start off with fewer active repos/teams and easily scale across your org.
Our pricing scales directly with the number of developers on your team. Developers are counted as unique active contributors. Contact us about cases of contributors outside your staff.
We offer special plans for non-profit, educational institution, and open source project budgets.
Yes, we do! Contact us for details. On-prem deployments are priced annually by default.