Your Open Source Risk Management Experts
Empowering organizations with comprehensive Open Source services and expertise that make Open Source compliance and security simple and seamless, so you can focus on what you do best.
ISO/IEC 5230:2020
ISO/IEC 18974:2023
Managed Services
Open Source Compliance and Security as-a-Service, designed for organizations in need of ongoing support.
Third-Party OSS Audits
Understand your contractor’s or supplier’s OSS compliance and security management maturity. Minimize internal efforts and avoid redundant reviews of external code and compliance artifacts.
Open Source Policy, Processes & Training
Equip your team with the skills to manage Open Source effectively, aligning with ISO5230 and ISO18974 standards.
Code Scanning & SBOM Creation
Comprehensive solutions for Software Bill of Materials (SBOM) generation and Open Source software remediation planning.
OSPO as a Service
Leverage our expertise to build or enhance your Open Source Program Office (OSPO).
Consulting & Implementation
Achieve your Open Source goals with our tailored services.
Open Source Management Optimization
Resolve compliance and security bottlenecks with risk-based approval workflows and streamlined processes.
Open Source Strategy Development
Develop robust organizational policies to manage Open Source usage and mitigate potential risks.
End-to-End Program Implementation
From pilot to deployment, we ensure your Open Source Management Program delivers on its potential.
Audit
Ensure compliance and mitigate risks with industry-leading audit services.
M&A Due Diligence
Evaluate Open Source risks in mergers and acquisitions to safeguard your investments.
ISO5230 & ISO18974 Readiness Assessment
Align your Open Source practices with OpenChain standards, with the help of an official OpenChain partner.
Why FOSSAware?
Proven Experience
With a collective experience spanning decades, our team of professionals delivers reliable and effective solutions tailored to organizations of every size, from agile startups to enterprises with thousands of developers.
Experts in Everything Open Source
At FOSSAware, Open Source is not just what we do—it’s everything we do. With experts in technology, security and compliance, we provide precise, up-to-date, and comprehensive services that cover every aspect of Open Source management. We support your journey from design and pilot stages to ongoing operations with unmatched expertise.
Trusted OpenChain Partner
FOSSAware is an official partner of the OpenChain Project, the organization behind the ISO standards for Open Source compliance (ISO5230) and security (ISO18974). All of our services are fully aligned with these globally recognized standards, ensuring that your Open Source operations meet the highest levels of compliance and professionalism.
Among Our Clients
What Clients Say...
“FOSSAware has been supporting us with great professionalism as part of our open source risk management process. They have a deep understanding of business market requirements and the relevant tools. Their service is personal, professional, and readily available. Highly recommended.”
Rony Keren, CTO at Liquidity-Capital
“Any CIO of an organization developing software or hardware products, regardless of the industry sector, would want FOSSAware by their side. With proven experience and an uncompromising level of service and professionalism in the field of open source risk management, they are the ideal partner.
In short—highly recommended.”
Eldar lev-ran, Partner & CIO, Strauss Strategy & Consulting house
“FOSSAware provided us with highly professional support as part of the open source risk management process at Perimeter 81. They have an in-depth understanding of open source management and the relevant tools. The service was professional, with a personal and customer-focused approach. Highly recommended.”
Lior Mazor, CISO, Perimeter 81
“FOSSAware is a one-stop shop for everything related to open source risk management—from drafting policies and processes to proper tool usage and training. They are professional, always available, and provide a personal touch.”
Oren Elimelech, Co-Founder & CEO, CyberTeam360
“I highly recommend the company’s services, and the sooner, the better! The professional team (Tzvika and Yaniv) provides solutions for a variety of needs related to secure development and open source aspects (developer training, risk management, policy documentation).”
Ariel Lilaev, syber.co.il, CISO
“True partners on the journey, with exceptional professional expertise and immediate availability to address any open source risk issues. Wonderful individuals on a personal level, with a constant drive for excellence and a broad perspective, focused on addressing the right challenges.”
Alan Idelson, CISO
“FOSSAware possesses a rare combination of extensive technical and legal knowledge. They developed policies and processes for managing open source risks tailored to our organization’s characteristics and aligned with the requirements of the medical device sector. Additionally, they assisted with scans and responses to inquiries from investors and clients. Highly recommended.”
Itai Kornberg, Co-Founder, CTO at EyeControl