Fossa

Fossa

Visit Website
Category:Software Development
Tags:
Software Bill of Materials (SBOM)Software Composition Analysis ToolsVulnerability Scanner Software
Open source is a critical part of your software. In the average modern software product, over 80% of the source code shipped is derived from open source. Each component can have cascading legal, security, and quality implications for your customers, making it one of the most important things to manage correctly. FOSSA helps you manage your open source components. We plug into your development workflow to help your team automatically track, manage, and remediate issues with the open source you use to: - Stay compliant with software licenses and generate required attribution documents - Enforce usage and licensing policies throughout your CI/CD workflow - Monitor and remediate security vulnerabilities - Flag code quality issues and outdated components proactively By enabling open source, we help development teams increase development velocity and decrease risk.

Disclaimer: This app directory is not affiliated, associated, authorized, endorsed by, or in any way officially connected with any software mentioned on this site. All product names, logos, and brands are property of their respective owners.

Related Apps

Pentest Tools

Pentest Tools

Pentest-Tools.com is a cloud-based toolkit for offensive security testing, focused on web applications and network penetration testing.

Snyk

Snyk

Snyk (pronounced sneak) is a developer security platform for securing custom code, open source dependencies, containers, and cloud infrastructure all from a single platform. Snyk’s developer security

HackerOne

HackerOne

HackerOne is a vulnerability coordination and bug bounty platform that connects businesses with penetration testers and cybersecurity researchers. It was one of the first companies, along with Synack

Harness

Harness

Harness Continuous Delivery is a software delivery solution that automatically deploy, verify, and roll back artifacts without toil. Harness uses AI/ML to manage, verify, and roll back your deployment

Havoc Shield

Havoc Shield

All-in-one cybersecurity solution for financial services. Built to satisfy GLBA, FTC Safeguards, IRS Tax Preparer, New York DFS and other financial industry security requirements. Havoc Shield quickly

GuardRails

GuardRails

GuardRails is an end-to-end security platform that makes AppSec easier for both security and development teams. We scan, detect, and provide real-time guidance to fix vulnerabilities early. Trusted by

Aikido Security

Aikido Security

Aikido Security is a developer-centric software security platform, providing advanced code scanning and cloud vulnerability assessments. Our platform prioritizes real threats, reduces false-positives

Cycode

Cycode

Cycode is the only end-to-end software supply chain (SSC) security solution to provide visibility, security, and integrity across all phases of the SDLC. Cycode integrates with all of your software de

OX Security

OX Security

Security should be an integral part of the software development process, not an afterthought. Founded by Neatsun Ziv and Lion Arzi, two former Check Point executives, OX is the first and only Active A

Xygeni

Xygeni

Secure your Software Development and Delivery! Xygeni Security specializes in Application Security Posture Management (ASPM), using deep contextual insights to effectively prioritize and manage securi

Apiiro

Apiiro

Apiiro is the leader in application security posture management (ASPM), unifying risk visibility, prioritization, and remediation with deep code analysis and runtime context. Get complete application

Endor Labs

Endor Labs

The Endor Labs Software Supply Chain Security Platform addresses three key software supply chain security pain points and outcomes: Open Source Code Security: Endor Labs helps engineers improve applic

Scribe Security

Scribe Security

Scribe is a SaaS solution that provides continuous assurance for the security and trust worthiness of software artifacts, acting as a trust hub between software producers and consumers. Scribe central

The Code Registry

The Code Registry

The Code Registry is the world's first AI-powered code intelligence and insights platform, designed to safeguard and optimize software assets for businesses. By providing an independent, secure replic

Aqua Security

Aqua Security

Aqua Security stops cloud native attacks across the application lifecycle and is the only company with a $1M Cloud Native Protection Warranty to guarantee it. As the pioneer in cloud native security,

SOOS

SOOS

Application Security Posture Management Platform Your organization’s application security posture should be more than just a checklist. SOOS’s ASPM is a dynamic, comprehensive approach to safeguardin

BitNinja

BitNinja

State-of-the-art server security with an all-in-one platform BitNinja offers an advanced server security solution with a proactive and unified system designed to effectively defend against a wide rang

Sysdig

Sysdig

Sysdig Secure is our CNAPP platform that more than 700 enterprise customers use to address CNAPP, VM, CSPM, CIEM, container security and more - at enterprise scale. Our platform spans prevention, dete

Escape

Escape

Find and fix GraphQL security flaws at scale within your DevSecOps process. Leverage the new generation DAST & ASM for early, real-time Business Logic vulnerability detection and remediation in Graph

GitHub

GitHub

GitHub, Inc. is an American multinational corporation that provides hosting for software development and version control using Git. It offers the distributed version control and source code management