Open source auditing software

The high volume and rate of change for OSS components means that you can no longer manage this with just spreadsheets.

The best solution for you will depend on where you are starting from. An organization that already has a current OSS Inventory may just need a better way to manage their data. And everyone needs an automated way to update their OSS component and license data for every release.

Request a demonstration! Initial Meeting A first conference call takes place to kick start the project, introduce contact persons from all parties and communicate relevant details of the audit such as timeline, custom reports, etc.

Knowledge Base Comparison The collection of digital signatures is used to search the biggest open source database in the industry and find matches to open source files and snippets. Approval Request Once the audit is concluded, all reports are sent to the target company for approval before they are shared with the potential buyer. Report Delivery After the approval, the final reports are transferred securely to the potential buyer, including the Bill of Materials, SPDX, executive summary and more.

Final Meeting Another conference call takes place to present the audit results and answer any question that might have arisen from the reports. Open Source Audits for Maximum Security and Confidentiality FossID fulfils any security and confidentiality requirements as source code is never exposed to anyone but the rightful owner, not to the acquiring company, nor FossID as the auditing company.

No source code exposure Ensuring maximum security and confidentiality. No legal hassle Clean cut, easy process to get the job done. No touch Blind audit, done remotely, without ever exposing the source code. Essentially, Open-AudIT is a database of information, that can be queried via a web interface. The entire application is written in php, bash and vbscript.

These are all 'scripting' languages - no compiling and human readable source code. Making changes and customisations is both quick and easy. Linux systems can be queried for a similar amount of information. Network devices printers, switches, routers, etc can have data recorded such as IP-Address, MAC Address, open ports, serial number, etc, etc.