FOSSA

FOSSA · 2026-03-10T21:14:57.747Z

New from our blog: Allan Friedman, PhD, one of the leading voices in the creation of global #SBOM regulations, shares insights on PCI DSS, the CRA, DORA, and more. https://lnkd.in/gFzAE55v

Software Development

San Francisco, California 7,154 followers

Modern Open Source Management & Security

See jobs Follow

View all 57 employees

About us

FOSSA is a leading SBOM and software supply chain risk management platform. It helps enterprises generate, ingest, analyze, and operationalize SBOMs in multiple formats, supporting a range of regulatory compliance and software transparency initiatives. It also offers comprehensive SCA (software composition analysis) capabilities, including automated open source license compliance management and vulnerability prioritization solutions. FOSSA was founded in 2015 and has grown to serve thousands of leading organizations across the globe. In all, it's been downloaded nearly two million times and has run nearly 100 million open source software scans.

Website: https://fossa.com/
External link for FOSSA
Industry: Software Development
Company size: 51-200 employees
Headquarters: San Francisco, California
Type: Privately Held
Founded: 2015
Specialties: Open Source Licensing, Open Source Vulnerability Management, Open Source Compliance, Open Source Management, Open Source Audits, M&A Due Diligence, Open Source Scanning, Software Bill of Material Management, and SBOM Management

Locations

Primary

114 Sansome St

210

San Francisco, California 94104, US

Get directions
Vancouver, CA

Get directions

Employees at FOSSA

See all employees

Updates

FOSSA

7,154 followers
4d
Report this post
Hear from FOSSA Director of Product Cortez Frazier Jr in this upcoming webinar with our friends at Blue Goat Cyber!
Blue Goat Cyber

5,749 followers
4d Edited

Most SBOMs don’t fail because they’re missing. They fail because they don’t 𝑑𝑜 𝑎𝑛𝑦𝑡ℎ𝑖𝑛𝑔. Regulators have moved past presence. They’re evaluating whether your SBOM actually supports ongoing risk management. That means being able to answer, at any point: ➡️ What changed since the last release? ➡️ What’s vulnerable today? ➡️ What requires action right now? If your SBOM can’t keep up with those questions, it’s not aligned with how devices are being reviewed today. Trevor Slattery, COO at Blue Goat Cyber, and Cortez Frazier Jr, Director of Product at FOSSA, are breaking down what a usable, regulator-ready SBOM actually looks like and how to make it work across the product lifecycle. 📅 Thursday, April 23, 2026 — 12pm EDT 𝐉𝐨𝐢𝐧 𝐭𝐡𝐞 𝐜𝐨𝐧𝐯𝐞𝐫𝐬𝐚𝐭𝐢𝐨𝐧: https://lnkd.in/dGkVEsQj For teams responsible for product security, software transparency, and FDA readiness, this is where expectations are heading. #SBOM #FDACompliance #MedTechCybersecurity
Like Comment Share
FOSSA

7,154 followers
4d
Report this post
New: Our CEO Aaron Williams shares reaction to Anthropic's Project Glasswing announcement, including why outdated dependencies are such prime targets for AI-enabled attacks. https://lnkd.in/ehadG4vX

Project Glasswing and Vulnerability Exploitation Velocity fossa.com

Like Comment Share
FOSSA

7,154 followers
6d
Report this post
New from our blog: Check out some of the features our product and engineering teams have released in recent months, including snippet scanning and vulnerability scoring enhancements. https://lnkd.in/e6g36-Au

Spring 2026 FOSSA Product Updates fossa.com

Like Comment Share
FOSSA

7,154 followers
6d
Report this post
fossabot expands support to GitLab! Now supported across all offerings of both GitHub and GitLab, including self-hosted. https://lnkd.in/em3tasuj

fossabot expands to all GitHub and GitLab tiers fossa.com

1 Comment

Like Comment Share
FOSSA

7,154 followers
1w
Report this post
fossabot adds support for Java ecosystems (Maven/Gradle, Kotlin) for strategic updates and catching up on your vulnerability backlog! https://lnkd.in/ekWUw3_5

Java ecosystem support comes to fossabot fossa.com

Like Comment Share
FOSSA

7,154 followers
2w
Report this post
New: Check out our step-by-step guide to automating different elements of an effective SBOM management program. We cover tooling, policies, generation, sharing, and more. https://lnkd.in/eGSijUA9

A Roadmap for Automating the SBOM Management Lifecycle fossa.com

Like Comment Share
FOSSA

7,154 followers
3w
Report this post
ICYMI: Join Allan and our team on May 6 for a conversation about VEX!

FOSSA

7,154 followers
1mo

📣 Webinar Announcement: Join Allan Friedman, PhD, one of the creators of VEX (Vulnerability Exploitability eXchange), on May 6 for a conversation about effective VEX adoption in 2026. Allan will share practical strategies for automating VEX initiatives, using the specification to meet emerging regulatory requirements, and much more. Get full details and register at the link below! https://lnkd.in/eiBJcnvY

A Practical Guide to VEX in 2026, with Allan Friedman fossa.com

Like Comment Share
FOSSA reposted this
Allan Friedman, PhD

TPO Group•5K followers
1mo
Report this post
VEX was a tool that I thought would actually have faster adoption than SBOM, and there are a few reasons why it never caught on as widely. One reason, as recent discussions have made clear, is that people don't quite understand it. Join us for a webinar to talk about VEX, why it's important, and how it can help. (Hint: it will probably be VERY useful for CRA compliance)

FOSSA

7,154 followers
1mo

📣 Webinar Announcement: Join Allan Friedman, PhD, one of the creators of VEX (Vulnerability Exploitability eXchange), on May 6 for a conversation about effective VEX adoption in 2026. Allan will share practical strategies for automating VEX initiatives, using the specification to meet emerging regulatory requirements, and much more. Get full details and register at the link below! https://lnkd.in/eiBJcnvY

A Practical Guide to VEX in 2026, with Allan Friedman fossa.com

6 Comments

Like Comment Share
FOSSA

7,154 followers
1mo
Report this post
📣 Webinar Announcement: Join Allan Friedman, PhD, one of the creators of VEX (Vulnerability Exploitability eXchange), on May 6 for a conversation about effective VEX adoption in 2026. Allan will share practical strategies for automating VEX initiatives, using the specification to meet emerging regulatory requirements, and much more. Get full details and register at the link below! https://lnkd.in/eiBJcnvY

A Practical Guide to VEX in 2026, with Allan Friedman fossa.com

1 Comment

Like Comment Share
FOSSA

7,154 followers
1mo
Report this post
New from our blog: Allan Friedman, PhD, one of the leading voices in the creation of global #SBOM regulations, shares insights on PCI DSS, the CRA, DORA, and more. https://lnkd.in/gFzAE55v

Allan Friedman on SBOM Regulations fossa.com

Like Comment Share

Browse jobs

Funding

FOSSA 6 total rounds

Last Round

Series unknown Aug 28, 2025

US$ 5.1M

See more info on crunchbase

FOSSA

Software Development

San Francisco, California 7,154 followers

Modern Open Source Management & Security

About us

Locations

Employees at FOSSA

Aaron Williams

FOSSA•3K followers

Andy Chou

Ventrilo.ai•2K followers

Matthew Soldo

Google•1K followers

Dave Bortz

FOSSA•2K followers

Updates

Join now to see what you are missing

Similar pages

Vareto

Noyo

Tango

Render

Globality, Inc.

Machinify

You.com

Deepgram

StackShare

FOSSA Systems

Browse jobs

Analyst jobs

Implementation Manager jobs

Software Quality Engineer jobs

Manager jobs

Engineer jobs

Machine Learning Engineer jobs

Instructional Designer jobs

Software Engineering Manager jobs

Associate Product Manager jobs

Quality Assurance Manager jobs

Product Designer jobs

Strategic Account Manager jobs

Curator jobs

Product Manager jobs

Executive jobs

Real Estate Analyst jobs

Technical Account Manager jobs

Customer Service Representative jobs

Marketing Manager jobs

Specialist jobs

Funding