Open Source License Compliance Management

Get continuous compliance with code SCA featuring audit-grade reporting and comprehensive dependency inventory.

Complete Open Source Inventory

Get an accurate and precise scan of all code dependencies and third-party licenses

Audit-grade inventory of open source license types, both direct and transitive dependencies

Visibility into a variety of embedded, hidden, and declared OSS licenses in the source code

Detailed metadata information including license text, copyright info, and licensing obligations

Concrete usage, linkage and root cause identification that cut false positives by 85%

Sophisticated Policy Governance

Apply built-in, customizable OSS policies across company, product, and team

Configurable policies flag or block violations natively via existing engineering workflows

Conditional rules provide actionable remediation through use and linkage detection

Default policy templates deliver industry best practices from experts

Developer-friendly experience for easy triage, escalation and workflow integration

Certified Reports for Every Event

Generate audit-ready attribution and risk reports and BoMs at the click of a button

Continuous Compliance with the only true OSS supply chain management solution

Get self-updating attributions, Bill of Materials and audit bundles with every code change

Speedy issue remediation with actionable, legal instructions and smart resolution advice

Release comparisons to preview patches and visualize changes proactively


Most comprehensive ecosystem coverage of 20+ languages, with 100% native SPDX support

Native integration into all CI/CD pipelines with an easy-to-use CLI ensures continuous compliance

Code review and pull request integrations prevent bad code from landing into master

Local OSS scan or repo scan, plus compliance violation alerts delivered via Slack, JIRA, or email


We support multiple languages and tools, such as JavaScript, Ruby, Clojure, Debian, Golang, Haskell, Java, RPM, Scala, PHP, iOS, Python, .NET, Rust, Perl, C, C++, and many more.

Explore Docs