Compare FOSSA vs. Veracode Software Composition Analysis

FOSSA is ranked 9th in Software Composition Analysis (SCA) while Veracode Software Composition Analysis is ranked 6th in Software Composition Analysis (SCA) with 4 reviews. FOSSA is rated 0, while Veracode Software Composition Analysis is rated 7.2. On the other hand, the top reviewer of Veracode Software Composition Analysis writes "Enables us to identify potential problems in applications and fix them before they are used in ways they should not be but has false positives". FOSSA is most compared with Black Duck , WhiteSource and Snyk, whereas Veracode Software Composition Analysis is most compared with Black Duck , JFrog Xray and Sonatype Nexus Lifecycle.
Cancel
You must select at least 2 products to compare!
Most Helpful Review
Find out what your peers are saying about Sonatype, WhiteSource, Synopsys and others in Software Composition Analysis (SCA). Updated: March 2020.
406,607 professionals have used our research since 2012.
Quotes From Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pricing and Cost Advice
Information Not Available
Without getting too specific, I'd say the average yearly cost is around $50,000. The costs include licensing and maintenance support.

Read more »

report
Use our free recommendation engine to learn which Software Composition Analysis (SCA) solutions are best for your needs.
406,607 professionals have used our research since 2012.
Ranking
Views
601
Comparisons
526
Reviews
0
Average Words per Review
0
Avg. Rating
N/A
Views
1,967
Comparisons
1,748
Reviews
4
Average Words per Review
642
Avg. Rating
7.3
Top Comparisons
Compared 43% of the time.
Compared 22% of the time.
Compared 20% of the time.
Also Known As
Veracode SCA, SourceClear
Learn
FOSSA
Video Not Available
Veracode
Video Not Available
Overview

Open Source has become the critical supplier for modern software companies, changing everything about how people think about their code. FOSSA builds the infrastructure for modern teams to be successful with open source.

FOSSA's flagship product helps teams track the open source used in their code and automate license scanning and compliance. Since then, over 3000 open source projects (Kubernetes, Webpack, Terraform, ESLint) and companies (Docker, Tesla, Mapbox, Hashicorp) rely on FOSSA's tools to ship software. If you are in the software industry today, you're now using code that runs FOSSA.

Veracode Software Composition detects open source vulnerabilities in the software development process with higher accuracy. Veracode SCA reduces false positives by prioritizing vulnerabilities in the execution path of the application. Its proprietary database contains significantly more vulnerabilities than the NVD because it datamines pull requests, bug reports, and release notes. It also looks for vulnerabilities in dependencies several layers deep. Veracode SCA is part of a comprehensive DevSecOps solution that covers multiple assessment types, enables developers, and helps organizations achieve AppSec governance.

Offer
Learn more about FOSSA
Learn more about Veracode Software Composition Analysis
Sample Customers
Applause, JS Foundation, SmartThings
Information Not Available
Top Industries
No Data Available
VISITORS READING REVIEWS
Software R&D Company51%
Comms Service Provider11%
Government8%
Retailer7%
Find out what your peers are saying about Sonatype, WhiteSource, Synopsys and others in Software Composition Analysis (SCA). Updated: March 2020.
406,607 professionals have used our research since 2012.
We monitor all Software Composition Analysis (SCA) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.