I am pleased to announce that FOSSA has raised a $23.2M Series B from Bain Capital Ventures, Costanoa Ventures, and Canvas Ventures, bringing our total funding now to $35M. This will help us accelerate towards our mission of building the world’s most robust and scalable open source inventory.

OSS Inventory Is Inevitable

While using open source has been the dominant method of software development for over a decade, the past five years have seen an explosion in the popularity of management tooling. Since our last funding announcement one year ago, dependency discovery, vulnerability prevention, and other basic features have arrived standard across our development tools. Almost every organization today has some fractional tooling or process around open source management.

Looking forward, ubiquitous open source inventory is inevitable. In the next 18 months, over 50% of enterprise applications will be covered by code SCA (software composition analysis, or scanning tools for open source). This trend is not only observed in the high-tech sector, but has equal momentum across manufacturing, financial services, government, and more. And the business value driving this adoption is equally broad, fueled by initiatives across legal, security, and engineering teams to enforce standards around open source usage. As software eats the world, open source inventory has become critical for modern businesses to digest it.


Join us on October 22 for a webinar on Open Source Security Vulnerabilities in Enterprise Environments.


The Missing Piece in Open Source Management

Despite the boon of tooling, organizations managing applications at scale lack the coverage to productionize their open source standards across their development teams. Small-scale web applications are easy to manage. But when building cars, life-saving devices, or platforms serving a billion requests per minute, development gets more complicated than today’s code SCA tools can handle.  

Furthermore, OSS inventory is more than just risk management. Leading organizations are establishing programs that aim to drive strategic value across their engineering teams by instrumenting and improving how they use open source. To accomplish this goal, new primitives in our development stack are needed — policy and reporting engines capable of turning open source inventory into insight.

Mature technology for the enterprise simply does not yet exist, leaving open source security, compliance, and code quality mostly unaccounted for in today’s highest-value workflows.

Enabling OSS Standards at Scale

After an incredible year of growth (and despite the challenging conditions), we’re excited to continue our mission. Since the early days of our commercial launch in 2018 when we were a team of only 4, we’ve now grown to 70 employees strong across five countries with customers in every vertical.

The vast majority of value around open source management has not yet been realized, and we’re excited to create it with you.


Join us on October 22 for a webinar on Open Source Security Vulnerabilities in Enterprise Environments.