Resource Library
Dig into the state-of-the-art and enterprise best practices for Open Source licensing and security.
Featured Resources
Webinars
Building the Foundation of Your SBOM and VEX Programs
Reports
Software Composition Analysis: Elements of an Effective Solution
Whitepapers
Open Source Vulnerability Management
Categories
Whitepapers
A New Wave of IP Risks
A New Wave of IP Risks: How Open Source is Changing IP Risk in the Software Supply Chain
Building a Successful Open Source Management Strategy
Building a Successful Open Source Management Strategy: Addressing Open Source Management Challenges
DevOps and Open Source 101
DevOps and Open Source 101: The DevOps Role in Modernizing Open Source Best Practices
Mitigating IP Risk
Mitigating IP Risk: Three Strategies to Ensure Open Source Compliance
Modernize Your Open Source Audits
Modernize Your Open Source Audits: 5 Reasons Spreadsheets Fail for Managing OSS Licenses
Open Source Management
Open Source Management: Fundamentals for Engineering, Legal and DevOps
Open Source Vulnerability Management
The Next Generation of In-House Counsel
The Next Generation of In-House Counsel: Emerging Legal Responsibilities Across Product and Digital Transformation
What is an OSPO? The Rise of the Open Source Program Office
Reports
Software Composition Analysis
Software Composition Analysis: Elements of an Effective Solution
The 2021 State of Open Source Vulnerabilities
The 2022 State of Open Source Vulnerabilities
The State of Vulnerabilities in Linux Distributions
Infographics
7 Steps for IPO Due Diligence and Open Source Compliance
7 Steps for IPO Due Diligence and Open Source Compliance: From Mutual NDAs to the IPO Roadshow
7 Steps for M&A Due Diligence and Open Source Compliance
Open Source Management for Automotive Companies
On-Demand Webinars
Advocating for Open Source in the Enterprise
An Insider’s Guide to SPDX
Attacking Applications via Upstream Dependency Maintainers
Automating Application Security Testing with Github Actions
Automating Open Source License Compliance Essentials
Automating developer-centric application security in CI/CD
Being a Product Counsel Even If You're Not Technical
Best Practices in Open Source Compliance and Security with Wipro & Moonfare
Beyond the CVE: Addressing Novel Supply Chain Risks
Building the Foundation of Your SBOM and VEX Programs
Compliance with the GPLv3 “User Products” Clause and the Impact of SFC v. Vizio
Customizing Your Open Source Compliance Policy, Featuring Heather Meeker
Demystifying NIST’s Open Source Software Security Controls
Enterprise Software Architecture and Open Source Compliance
Generating, Importing, and Managing SBOMs with FOSSA
Heather Meeker on OSS Compliance: Demystifying License Notices with Automation
How Applause Does Open Source Compliance and Security the Developer's Way
How Kodiak Robotics Automates Open Source Management
How Rancher Labs Increased Development Efficiency and Security with FOSSA
How to Efficiently Manage OSS Security and Compliance Across Teams
Legal Compliance for Modern Software Development
Live Panel: Simplifying OSS Compliance in the Automotive Industry
Live Webinar & Demo: SBOMs Made Simple with FOSSA
Live Webinar: Getting Started with FOSSA
Log4Shell: A Case Study in Responding to OSS 0-Day Attacks
M&A and Open Source During Uncertain Times
Maximizing the Value of Open Source
NIS2 Directive: Understanding and Complying with Supply Chain Security Guidance
OSS License Compliance: Bridging the Legal-Engineering Divide
OSS License Compliance: Practical Strategies for OpenChain ISO/IEC 5230:2020
Open Source Security Vulnerabilities in Enterprise Environments
Open Source in the Enterprise: Predictions for 2020
Reps, Warranties, and Open Source Software, Featuring Jim Markwith
SBOMs in 2023: Trends, Tools, and Capabilities
Sentry’s Software Licensing Journey — And Why It Matters for You
The Changing Role Of SCA In Your Open Source Security Strategy, Feat. Forrester
The Dos and Don'ts of SBOMs for Security
The In-House Counsel’s Guide to SBOMs
The Lawyer's Guide to a Comprehensive Open Source Compliance Program
The Lawyer’s Guide to OSS License Compliance Tools, Featuring Heather Meeker
The Path to a Sustainable Software Supply Chain
Truth Social, AGPL, and OSS License Compliance
Under the Hood of FOSSA’s New License Scanner
Understanding and Using the CycloneDX SBOM Standard
What is an OSPO? The Rise of the Open Source Program Office
When "Open Source" Isn’t Open Source, Featuring Heather Meeker
Case Studies
Applause
CNCF
Collibra
F5
Groq
Kodiak Robotics
Milliman
UiPath
Checklists
Auditing Your Company's Use of Open Source
Auditing Your Company's Use of Open Source: Checklist for Creating an Open Source Compliance Program
Evaluating Compliance Technology
FOSSA vs. Blackduck by Synopsys
FOSSA vs. WhiteSource
Podcasts
Adopting Haskell into an Existing Codebase
Early-Stage Technology Decisions and Regrets
FOSSA: Open Source Management with Kevin Wang
Managing Engineering Projects
SCA Purchasing and Implementation Trends
Structuring and Growing a Customer Success Team