Resource Library
Dig into the state of the art and enterprise best practices for Open Source licensing and security.
Featured Resources
Webinars
Vulnerability Prioritization: An Insider’s Guide to the EPSS Scoring System
Reports
Software Composition Analysis: Elements of an Effective Solution
Categories
Whitepapers
A New Wave of IP Risks
A New Wave of IP Risks: How Open Source is Changing IP Risk in the Software Supply Chain
Modernize Your Open Source Audits
Modernize Your Open Source Audits: 5 Reasons Spreadsheets Fail for Managing OSS Licenses
What is an OSPO? The Rise of the Open Source Program Office
Reports
Software Composition Analysis
Software Composition Analysis: Elements of an Effective Solution
Infographics
7 Steps for IPO Due Diligence and Open Source Compliance
7 Steps for IPO Due Diligence and Open Source Compliance: From Mutual NDAs to the IPO Roadshow
7 Steps for M&A Due Diligence and Open Source Compliance
Open Source Management for Automotive Companies
On-Demand Webinars
Advocating for Open Source in the Enterprise
An Insider’s Guide to SPDX
Attacking Applications via Upstream Dependency Maintainers
Automating Application Security Testing with Github Actions
Automating Open Source License Compliance Essentials
Automating developer-centric application security in CI/CD
Being a Product Counsel Even If You're Not Technical
Best Practices in Open Source Compliance and Security with Wipro & Moonfare
Beyond the CVE: Addressing Novel Supply Chain Risks
Building the Foundation of Your SBOM and VEX Programs
Common SBOM Challenges and How to Solve Them
Compliance with the GPLv3 “User Products” Clause and the Impact of SFC v. Vizio
Customizing Your Open Source Compliance Policy, Featuring Heather Meeker
Demystifying NIST’s Open Source Software Security Controls
Enterprise Software Architecture and Open Source Compliance
Generating, Importing, and Managing SBOMs with FOSSA
Heather Meeker on OSS Compliance: Demystifying License Notices with Automation
How Applause Does Open Source Compliance and Security the Developer's Way
How Kodiak Robotics Automates Open Source Management
How Rancher Labs Increased Development Efficiency and Security with FOSSA
How to Efficiently Manage OSS Security and Compliance Across Teams
Legal Compliance for Modern Software Development
Live Panel: Simplifying OSS Compliance in the Automotive Industry
Live Webinar & Demo: SBOMs Made Simple with FOSSA
Live Webinar: Getting Started with FOSSA
Log4Shell: A Case Study in Responding to OSS 0-Day Attacks
M&A and Open Source During Uncertain Times
Maximizing the Value of Open Source
NIS2 Directive: Understanding and Complying with Supply Chain Security Guidance
OSS License Compliance: Bridging the Legal-Engineering Divide
OSS License Compliance: Practical Strategies for OpenChain ISO/IEC 5230:2020
Open Source Security Vulnerabilities in Enterprise Environments
Open Source in the Enterprise: Predictions for 2020
Reps, Warranties, and Open Source Software, Featuring Jim Markwith
SBOMs in 2023: Trends, Tools, and Capabilities
Sentry’s Software Licensing Journey — And Why It Matters for You
The Changing Role Of SCA In Your Open Source Security Strategy, Feat. Forrester
The Dos and Don'ts of SBOMs for Security
The In-House Counsel’s Guide to SBOMs
The Lawyer's Guide to a Comprehensive Open Source Compliance Program
The Lawyer’s Guide to OSS License Compliance Tools, Featuring Heather Meeker
The Path to a Sustainable Software Supply Chain
Truth Social, AGPL, and OSS License Compliance
Under the Hood of FOSSA’s New License Scanner
Understanding and Using the CycloneDX SBOM Standard
Vulnerability Prioritization: An Insider’s Guide to the EPSS Scoring System
What is an OSPO? The Rise of the Open Source Program Office
When "Open Source" Isn’t Open Source, Featuring Heather Meeker
Case Studies
Applause
CNCF
Collibra
F5
Groq
Kodiak Robotics
Milliman
Rancher Labs
Sentry
UiPath
Checklists
Auditing Your Company's Use of Open Source
Auditing Your Company's Use of Open Source: Checklist for Creating an Open Source Compliance Program
Evaluating Compliance Technology
FOSSA vs. Blackduck by Synopsys
FOSSA vs. WhiteSource
Podcasts
Adopting Haskell into an Existing Codebase
Early-Stage Technology Decisions and Regrets
FOSSA: Open Source Management with Kevin Wang
Managing Engineering Projects
SCA Purchasing and Implementation Trends
Structuring and Growing a Customer Success Team