Library Glossary Guides DevOps Tools Docs

Resource Library

Discover guides, whitepapers, and tools to help you master software supply chain management.

Search

Resource Types

Checklists

Infographics

Interactive Guides

Podcasts

Reports

Webinars

Whitepapers

Resource Location

All Resources

Internal Resources

External Resources

Featured

Vulnerability Prioritization: An Insider’s Guide to the EPSS Scoring System

WebinarsExternal

Software Composition Analysis: Elements of an Effective Solution

CycloneDX SBOM Format

Interactive Guides

Latest

SPDX SBOM Format

Interactive Guides

Software Bill of Materials (SBOM)

Interactive Guides

Android Open Source Security

Interactive Guides

Open Source Licenses Guide

Interactive Guides

SBOM Compliance Requirements

Interactive Guides

Software Composition Analysis (SCA)

Interactive Guides

More Resources

Software Supply Chain Security

Interactive Guides

Open Source License Security in Automotive

Interactive Guides

Developer's Guide to Open Source Software Licenses

Interactive Guides

7 Steps for IPO Due Diligence and Open Source Compliance: From Mutual NDAs to the IPO Roadshow

7 Steps for M&A Due Diligence and Open Source Compliance

A New Wave of IP Risks: How Open Source is Changing IP Risk in the Software Supply Chain

Adopting Haskell into an Existing Codebase

An Insider’s Guide to SPDX

WebinarsExternal

Attacking Applications via Upstream Dependency Maintainers

WebinarsExternal

Auditing Your Company's Use of Open Source: Checklist for Creating an Open Source Compliance Program

Automating Application Security Testing with Github Actions

WebinarsExternal

Automating developer-centric application security in CI/CD

WebinarsExternal

Automating Open Source License Compliance Essentials

WebinarsExternal

Best Practices in Open Source Compliance and Security with Wipro & Moonfare

WebinarsExternal

Beyond the CVE: Addressing Novel Supply Chain Risks

WebinarsExternal

Building the Foundation of Your SBOM and VEX Programs

WebinarsExternal

Common SBOM Challenges and How to Solve Them

WebinarsExternal

Compliance with the GPLv3 “User Products” Clause and the Impact of SFC v. Vizio

WebinarsExternal

Customizing Your Open Source Compliance Policy, Featuring Heather Meeker

WebinarsExternal

Demystifying NIST’s Open Source Software Security Controls

WebinarsExternal

Early-Stage Technology Decisions and Regrets

Enterprise Software Architecture and Open Source Compliance

WebinarsExternal

Evaluating Compliance Technology

FOSSA: Open Source Management with Kevin Wang

PodcastsExternal

FOSSA vs. Blackduck by Synopsys

FOSSA vs. WhiteSource

Generating, Importing, and Managing SBOMs with FOSSA

WebinarsExternal

Heather Meeker on OSS Compliance: Demystifying License Notices with Automation

WebinarsExternal

How Applause Does Open Source Compliance and Security the Developer's Way

WebinarsExternal

How Kodiak Robotics Automates Open Source Management

WebinarsExternal

How Rancher Labs Increased Development Efficiency and Security with FOSSA

WebinarsExternal

How to Efficiently Manage OSS Security and Compliance Across Teams

WebinarsExternal

Legal Compliance for Modern Software Development

WebinarsExternal

Live Panel: Simplifying OSS Compliance in the Automotive Industry

WebinarsExternal

Live Webinar & Demo: SBOMs Made Simple with FOSSA

WebinarsExternal

Live Webinar: Getting Started with FOSSA

WebinarsExternal

Log4Shell: A Case Study in Responding to OSS 0-Day Attacks

WebinarsExternal

M&A and Open Source During Uncertain Times

WebinarsExternal

Managing Engineering Projects

Maximizing the Value of Open Source

WebinarsExternal

Modernize Your Open Source Audits: 5 Reasons Spreadsheets Fail for Managing OSS Licenses

NIS2 Directive: Understanding and Complying with Supply Chain Security Guidance

WebinarsExternal

Open Source Management for Automotive Companies

OSS License Compliance: Bridging the Legal-Engineering Divide

WebinarsExternal

OSS License Compliance: Practical Strategies for OpenChain ISO/IEC 5230:2020

WebinarsExternal

Reps, Warranties, and Open Source Software, Featuring Jim Markwith

WebinarsExternal

SBOMs in 2023: Trends, Tools, and Capabilities

WebinarsExternal

SCA Purchasing and Implementation Trends

Sentry’s Software Licensing Journey — And Why It Matters for You

WebinarsExternal

Structuring and Growing a Customer Success Team

The Changing Role Of SCA In Your Open Source Security Strategy, Feat. Forrester

WebinarsExternal

The Dos and Don'ts of SBOMs for Security

WebinarsExternal

The In-House Counsel’s Guide to SBOMs

WebinarsExternal

The Lawyer's Guide to a Comprehensive Open Source Compliance Program

WebinarsExternal

The Lawyer’s Guide to OSS License Compliance Tools, Featuring Heather Meeker

WebinarsExternal

The Path to a Sustainable Software Supply Chain

WebinarsExternal

Truth Social, AGPL, and OSS License Compliance

WebinarsExternal

Under the Hood of FOSSA’s New License Scanner

WebinarsExternal

Understanding and Using the CycloneDX SBOM Standard

WebinarsExternal

When "Open Source" Isn’t Open Source, Featuring Heather Meeker

WebinarsExternal

Don't miss a thing.

By submitting, I agree to receive periodic emails from FOSSA & accept the FOSSA Privacy Policy.

Platform

Scan Binary Tools (coming soon)Snippets (coming soon)Pricing

Solutions

OSS License Compliance Code Security (SCA/BCA)SBOM Management Due Diligence Obsolescence Management Supplier Risk Management

Resources

Getting Started Blog Documentation Resource Library Glossary Webinars

Learn

Software Supply Chain Security SBOMs SBOM Compliance Requirements CycloneDX SPDX Open Source Licenses

Company

About FOSSA Customers Careers Partners Support

Follow Us

Terms & Conditions Privacy Policy Trust Center© 2025 FOSSA Inc.