We'll be at Security BSides Las Vegas both tomorrow, 8/6, and Wednesday, 8/7! Don't forget to visit our booth to learn more about our supply chain security solutions and enter our raffle for a chance to win a pair of AirPod Pros! 🎧 We can't wait to meet everyone! 👋🏻 #SBOM #VulnerabilityManagement #LicenseCompliance #Cybersecurity #BSidesLV
FOSSA
Software Development
San Francisco, California 6,127 followers
Modern Open Source Management & Security
About us
FOSSA is a leading SBOM and software supply chain risk management platform. It helps enterprises generate, ingest, analyze, and operationalize SBOMs in multiple formats, supporting a range of regulatory compliance and software transparency initiatives. It also offers comprehensive SCA (software composition analysis) capabilities, including automated open source license compliance management and vulnerability prioritization solutions. FOSSA was founded in 2015 and has grown to serve thousands of leading organizations across the globe. In all, it's been downloaded nearly two million times and has run nearly 100 million open source software scans.
- Website: http://fossa.com
- Industry: Software Development
- Company size: 51-200 employees
- Headquarters: San Francisco, California
- Type: Privately Held
- Founded: 2015
- Specialties: Open Source Licensing, Open Source Vulnerability Management, Open Source Compliance, Open Source Management, Open Source Audits, M&A Due Diligence, Open Source Scanning, Software Bill of Material Management, and SBOM Management
Locations
- Primary: 114 Sansome St, 210, San Francisco, California 94104, US
- Vancouver, CA
Updates
-
Having trouble getting SBOMs from your software suppliers? Supply chain security expert Tony Turner shares valuable insights and actionable steps to streamline your process. Learn practical tips and best practices for setting clear contractual requirements, defining #SBOM frequency and scope, and ensuring quality and compliance in your supply chain. ✅ 📖 Dive into the full blog here: https://lnkd.in/ewkbu-dh #SoftwareSecurity #AppSec #CyberSecurity #SupplyChainSecurity
-
📰 Exciting News! 📰 We are thrilled to announce that FOSSA has acquired StackShare, the renowned community and platform for tracking and discussing developer tools. 🎉 Why this merger is a game-changer for security teams: 1️⃣ Developers still need easier ways to assess and share their experiences with tools. 2️⃣ Security teams want integrated developer tools management. 3️⃣ Two industry-leading companies joining forces to invest in data transparency. We are deeply excited about this journey and are committed to being great stewards of the StackShare community. Thank you to Yonas Beshawred and every StackShare user for your trust in us. Here’s to a future of innovation and collaboration! 💪✨ Read the full announcement: https://lnkd.in/ei52ZgX5
FOSSA Acquires StackShare to Enhance Developer Tools Management and Security
fossa.com
-
✨We're hiring! ✨ We have exciting roles open in engineering, customer success, and product for Canadian applicants: ⚙️ Senior Software Engineer 👩🏻💻 Product Designer 🤝🏻 Senior Customer Success Manager If you're passionate about innovation and ready to make an impact in software supply chain security and #SBOM management, we want to hear from you! 🔗 Apply today: https://lnkd.in/gmMMJiz8 #Hiring #EngineeringJobs #DevOps #SoftwareDevelopment
-
🎥 Missed Our Webinar on Maintaining Software Transparency in Embedded Systems?🎥 No worries! The recording with Woodward, Inc.’s Global Cybersecurity Engineer, Chris Sundberg, is available! Check out the on-demand webinar to learn best practices across areas like standing up Software Use and Review Boards (SURBs), using the OpenChain Project Specification to help guide license compliance practices, generating SBOMs, and more. 👇🏻 👀 https://lnkd.in/dQUzpBKg
Managing Open Source Supply Chain Risk and Compliance in Embedded Systems
event.on24.com
-
We are just one week away from #BSidesLV! Don't forget to stop by our table and say hi to the FOSSA team, learn more about our vulnerability management and #SBOM management solutions, and enter for a chance to win a pair of Airpod Pros! We can't wait to meet everyone! #Security #CyberSecurity #VulnerabilityManagement #OSS
-
Open source software (OSS) has become an integral part of development in the automotive industry. OSS helps fuel innovations in areas like AI, autonomous driving, and connected cars, which are driving growth and profitability. Of course, for all of its benefits, open source also comes with some measure of risk. Without the proper processes and tools in place, automotive organizations may struggle to fulfill license compliance requirements and mitigate security vulnerabilities. 👉🏻 Swipe to learn 4 reasons FOSSA is a top tool for a secure and trusted automotive ecosystem. 🚗 #AutomotiveSecurity #AI #OpenSource #OSS #LicenseCompliance #VulnerabilityManagement
-
If you couldn't make it to the live session of our webinar, "Get Ready for the EU’s Cyber Resilience Act (CRA): How to Manage SBOM Requirements" you can still catch up on all the insights shared by Olle E Johansson, a leading CRA expert. ⬇️ Don't let the new regulations outlined in the #CRA catch you off guard and view the recording to learn how to manage these new SBOM requirements. ✅ 📹 View the recording: https://lnkd.in/dTgwytrt #CyberSecurity #SBOM
Get Ready for the EU’s Cyber Resilience Act (CRA): How to Manage SBOM Requirements
event.on24.com
-
FOSSA reposted this
Public Cloud Security & Compliance AT&T | MBA InfoSec | OWASP-LA Board | ISSA Fellow | OWASP Chapter Committee
We had a great time at OWASP LA monthly meeting with Chelsea B. of FOSSA presenting her talk on #CVE noise, analyzing five specific vulnerability prioritization inputs:
1. CVSS scores
2. EPSS scores
3. VEX
4. The CISA KEV Catalog
5. Reachability analysis
-
Are you ready for the new #SBOM requirements in PCI DSS 4.0? Starting March 31, 2025, all PCI-covered entities will need to maintain an inventory of in-scope bespoke and custom software, along with their third-party components. But what does this mean for your organization, and how can you prepare? Discover the intent behind PCI DSS' SBOM requirements, why machine-readable formats like CycloneDX or SPDX are essential, and steps to take now to ensure compliance by the enforcement date. ✅ 📖 Read the full guide here: https://lnkd.in/ekdBNRdw #PCIDSS #CyberSecurity #Security
Understanding SBOM Requirements in PCI DSS - FOSSA
fossa.com