
Dependency Heaven

Open source, dependencies, and licensing by the people at FOSSA.

FOSSA Receives Highest Scores Possible in License Risk Management, SBOM Criteria in Forrester Wave
Inside FOSSA

FOSSA was the only vendor to earn the highest possible score in both the SBOM and License Risk Management criteria.

  • FOSSA Editorial Team
2 min read
Open Source Software Licenses 101: The LGPL License
Open Source License Compliance

The LGPL open source software license is a member of the GPL family, but with some significant differences from its stronger copyleft counterparts.

  • FOSSA Editorial Team
5 min read
Open Source Software Licenses 101: The AGPL License
Open Source License Compliance

Get an overview of the AGPL open source software license, including requirements and key provisions.

  • FOSSA Editorial Team
4 min read
Announcing FOSSA Container Scanning
Inside FOSSA

We're excited to introduce FOSSA Container Scanning, which will help organizations reduce compliance and security risk in their container images.

  • Gauthami Polasani
2 min read
Stockfish vs. ChessBase and What it Means for GPL v3
Open Source in the News

Stockfish vs. ChessBase could test several key provisions of GPL v3. Here's our analysis of the case, with input from OSS compliance expert Heather Meeker.

  • FOSSA Editorial Team
5 min read
The Minimum Required Elements of a Software Bill of Materials
Software Composition Analysis

As part of its new cybersecurity executive order, the U.S. federal government released the minimum required elements for a software bill of materials.

  • FOSSA Editorial Team
5 min read
Analyzing the Legal Implications of GitHub Copilot
Open Source License Compliance

The release of GitHub Copilot raises questions about potential copyright infringement and license compliance issues.

  • FOSSA Editorial Team
6 min read
Container Image Security and Vulnerability Scanning
Open Source Vulnerability Management

Get an overview of today's container image security landscape, including common attack vectors and the importance of vulnerability scanning.

  • FOSSA Editorial Team
7 min read
All About CWE-79: Cross-Site Scripting
Open Source Vulnerability Management

CWE-79: Cross-Site Scripting (XSS) is one of today's most commonly found vulnerabilities. Here's a look at different types of XSS attacks and how to stop them.

  • FOSSA Editorial Team
6 min read
Copyleft Licenses and the Venture Capital Connection
Open Source License Compliance

There's an easy-to-miss OSS compliance clause in the National Venture Capital Association's Stock Purchase Agreement Model Form that has significant ramifications.

  • FOSSA Editorial Team
6 min read
All About Permissive Licenses
Open Source License Compliance

Explore the history, use cases, and provisions of permissive software licenses. Plus, see how they compare to copyleft licenses.

  • FOSSA Editorial Team
6 min read
Cybersecurity Executive Order and Software Supply Chain Security
Open Source in the News

See our top takeaways from the software supply chain security section of the Biden Administration's cybersecurity executive order.

  • FOSSA Editorial Team
6 min read
IT Central Station: What Makes for an Effective SCA Solution
Software Composition Analysis

Enterprise technology review site IT Central Station shares insight from software composition analysis (SCA) users on the elements of an effective SCA solution.

  • IT Central Station
3 min read
All About Copyleft Licenses
Open Source License Compliance

Get an overview of copyleft software licenses, including key provisions and how they compare to permissive licenses.

  • FOSSA Editorial Team
6 min read
Application Security for Developers: SCA, DAST, and GitHub Actions
Open Source Vulnerability Management

See how tools like SCA and DAST can fuel developer-centric application security, and get step-by-step guidance for using them in GitHub Actions.

  • Solomon Rubin
6 min read
Software Bill Of Materials (SBOM) Formats, Use Cases, and Specifications
Software Composition Analysis

SBOMs play an important role in everything from application security to OSS license compliance. Learn about popular formats and use cases.

  • FOSSA Editorial Team
7 min read
How SCA Helps Manage OSS Vulnerabilities
Software Composition Analysis

See four ways software composition analysis (SCA) helps organizations identify and manage potential vulnerabilities in OSS.

  • FOSSA Editorial Team
3 min read
Open Source Software Licenses 101: The ISC License
Open Source License Compliance

Explore key elements of the ISC License, including requirements and permissions, and see why it's not used as often as other permissive OSS licenses.

  • FOSSA Editorial Team
4 min read
Open Source Software Licenses 101: Mozilla Public License 2.0
Open Source License Compliance

Get an overview of key provisions in the Mozilla Public License 2.0, and see why OSS users and authors alike may be drawn to it.

  • FOSSA Editorial Team
6 min read
Top Build Systems for Monorepos
Developer Perspectives

See how build systems like Bazel, Buck, and Pants help organizations tackle some of the complexities that come with using monorepos.

  • FOSSA Editorial Team
5 min read
Open Source Software Licenses 101: The BSD 3-Clause License
Open Source License Compliance

Get the lowdown on the BSD 3-Clause open source software license, including key requirements and how it compares to other BSD license variants.

  • FOSSA Editorial Team
6 min read
Software Supply Chain Security for Automotive Organizations
Software Composition Analysis

Technological innovation in the automotive industry has put software supply chain security in the spotlight.

  • FOSSA Editorial Team
5 min read
How OSS Conquered the World: Insight from Veteran Developers
Open Source in the News

Join FOSSA's Konstantin Gredeskoul and veteran engineer Bryan Cantrill for an informative and entertaining podcast on the growth and history of open source software.

  • Konstantin Gredeskoul
2 min read
Building an Open Source Program Office (OSPO)
Open Source License Compliance

Explore elements of an Open Source Program Office (OSPO), including staffing strategies, strategic pillars, and more.

  • FOSSA Editorial Team
4 min read
Open Source Software Licenses 101: GPL v3
Open Source License Compliance

Get an overview of the GPL v3 open source software license and what it permits, requires, and prohibits of users. Also, see how it compares to GPL v2.

  • FOSSA Editorial Team
5 min read
  • For the Love of Open Source © 2024 FOSSA, Inc.