Start Free.
Scale as you go.

Free

Scan and automatically identify, manage, and address open source licensing issues

$0/month

Up to 100 developers

Limited to 5 projects

Individual users

5 dependency depth levels

Start for Free

Business

Scan and automatically identify, manage, and address open source licensing issues

Prevent vulnerabilities from entering your codebase with curated vulnerability data

$0/month

Up to 100 developers

Unlimited projects

Users + Teams

All dependency depth levels

Container scanning

Dedicated Slack channel

Get Started

Enterprise

Scan and automatically identify, manage, and address open source licensing issues

Prevent vulnerabilities from entering your codebase with curated vulnerability data

Custom Pricing

100+ users

Unlimited projects

Users + Teams w/RBAC

All dependency depth levels

Container scanning

Premium dedicated Slack channel

Custom policy templates

On-prem

Contact Us

Feature Comparison

Business

$46/month

Get Started

Enterprise

Custom Pricing

Contact Us

Main Features

Projects

5

Unlimited

Unlimited

Continuous monitoring

Integrates into your CI/CD pipeline for analysis and scans of your builds

API support

Access FOSSA data via the public API

SBOM/attribution with SPDX support

Export projects as SBOMs in .spdx format, based on current formatting standards and ready for public consumption

Webhooks

Event-driven callbacks to other applications

Issue dashboard

Organization-wide dashboard to triage issues across projects and teams

Global component bundle

Inventory of all packages across your organization

Default policies

Preset rules to identify common issues in your code

On-prem

Optionally deploy FOSSA onto your own infrastructure

Release Groups

Bundle multiple projects to track as a group

Customizable policies

Customizable rules to identify issues in your code based on your organizational needs

Code Scanning

Source code scanning

Scan and detect direct and indirect dependencies in your code

Deep Dependency discovery

Identification of dependencies brought into your code via manually added dependencies

Branch/tag scanning

Ability to scan branches or tags in your repositories

Container scanning

Scan base container images for vulnerabilities (included with Security)

Included with Security

Included with Security

Scan depth levels

Depth level of your constructed dependency graph

5

Unlimited

Unlimited

Compliance

Compliance Identification

Policy scans to identify compliance issues in your open source dependencies

Compliance Management

Workflow to understand and remediate compliance issues

Project Compliance Report

Customizable license reports with unlimited detail and depth

Direct Dependencies Only

Organization License & Package Report

Organization-wide report on licenses and packages

Audit/Due Diligence Report

Organization-wide report on issues and project changes

Security

Vulnerability Identification

Issue scans to identify security issues in your open source dependencies

Included with Security

Included with Security

Vulnerability Management

Workflow to understand and remediate security issues

Included with Security

Included with Security

Vulnerability Report

Generate a project report of vulnerabilities found and remediated

Included with Security

Included with Security

Organization Vulnerability Report

Generate an organization report of vulnerabilities found and remediated

Included with Security

Included with Security

Admin Controls

Audit Logs

Audited log of actions taken by users

Single Sign-On (SSO)

Access to SSO services such as Google, GitHub, etc.

Role-Based Access Control (RBAC)

Control over roles and permissions for all organizational users

Support

Priority Email

Quick replies to your emails

Onboarding and support

White glove support, onboarding, feature roadmap priority and training services bundled into your FOSSA subscription

Technical Service Level Agreements (SLAs)

SLAs for support and escalation response times

Dedicated Slack channel

Communicate directly with our team via a private Slack channel

Basic

Basic

Premium

Frequently Asked Questions

How does per-developer pricing work?
Why per-developer pricing?
Do you discount non-commercial projects?
Do you offer annual plans?

Don’t take our word for it

“The solution’s compatibility with a wide range of developer ecosystem tools is incredibly easy to use. I've written a handful of scripts to even ease that process even more. It is at the point where, in order for one of our teams to integrate FOSSA into their development process, it requires them to add essentially two commands to their pull requests check pipeline. That builds in a bit more functionality than the FOSSA command line tool provides out-of-the-box.”
“I found FOSSA's out-of-the-box policy engine to be accurate and that it was tuned appropriately to the settings that we were looking for.”
“FOSSA's compatibility with the wide range of developer ecosystem tools is great. It definitely saves us a lot of time and helps us figure out what security vulnerabilities are going on. Since we can't do it ourselves, we need FOSSA.”
Try FOSSA today

Achieve Open Source Excellence

Request Demo