FOSSology is described as 'Open source license compliance software system and toolkit. As a toolkit you can run license, copyright and export control scans from the command line. As a system, a database and web ui are provided to give you a compliance workflow' and is an app. There are more than 10 alternatives to FOSSology for a variety of platforms, including Linux, Windows, Mac, Web-based and SaaS apps. The best FOSSology alternative is spdx-tool, which is both free and Open Source. Other great apps like FOSSology are Vulert, Mend Bolt, ScanCode and Ninka.
spdx-tool scans the source files to identify licenses used and it allows to update them in order to use the SPDX license format.
spdx-tool is the most popular Windows, Mac & Linux alternative to FOSSology.
spdx-tool is the most popular Open Source & free alternative to FOSSology.
Vulert notifies you if a SECURITY ISSUE is found in any of the open-source software you use. No installation needed.
Vulert is the most popular SaaS alternative to FOSSology.
Mend Bolt is designed to provide real-time security alerts and compliance issues related to your open source dependencies. It operates within Azure DevOps or GitHub, enabling you to identify and address open source vulnerabilities promptly.
Mend Bolt is the most popular Web-based alternative to FOSSology.
ScanCode is a suite of utilities used to scan a codebase for license, copyright and other interesting information that can be discovered in files.
Ninka is a lightweight license identification tool for source code. It is sentence-based, and provides a simple way to identify open source licenses in a source code file. It is capable of identifying several dozen different licenses (and their variations).
Slic scans a codebase and identifies the license of each file. It can be extended to identify new licenses or change its detection of existing ones.
Licensee is a Ruby gem that automates the process of reading LICENSE files and compares their contents to known licenses using several strategies.
FOSSA offers automated license scanning, dependency analysis and reports at each commit. Get a process up an running in 60 seconds, without slowing down development.
Simplified license management of open source software for small organizations or departments.
Protecode Compact is the most popular commercial alternative to FOSSology.
Mend.io offers the first AI native application security platform, purpose-built to secure AI-generated code and embedded AI components. Our unified platform enables companies to manage application risk effectively in modern software development.
Mend.io is the most popular Self-Hosted alternative to FOSSology.
vet is a tool for protecting against open source software supply chain attacks. To adapt to organizational needs, it uses an opinionated policy expressed as Common Expressions Language and extensive package security metadata including:
OSS Deep Discovery scans source code as well as binaries to identify open source software and licenses, even when the open source code has been copied or modified.
Israel
United States
Canada
India