Membership Updates - SCANOSS joins

Let’s welcome our new member SCANOSS.

As many of you would already know, SCANOSS provides open OSS Inventory & Intelligence for DevSecOps (https://www.scanoss.com/), and Software Composition Analysis plays in the Trust goals in GGI. Good conversations ahead!

This was announced on our different channels and updated on the web site, feel free to share.

Thanks Fred for the announcement, and welcome to the OSPO Alliance, ScanOSS!

Thanks for the warm welcome. We are delighted to be part of the OSPO Alliance.

SCANOSS is a data company in the SCA market. Our main product is our SCANOSS KB (Knowledge Base) about open source software, licenses, algorithms, etc. To create it, enrich it and maintain it, we use open source and create software that we publish under permissive licenses. With our software, anyone can create their own knowledge base, just like we did. You can find the software here: SCANOSS · GitHub

In the data space, we have created OSSKB (Open Source Software Knowledge Base), focused on license compliance, widely accessible for free (gratis) to anyone interested, including tools, through the Software Transparency Foundation. Access to OSSKB here: https://osskb.org/

Additionally, SCANOSS is taking steps in the open data space by publishing and maintaining two data sets so far:

  • The purl2cpe project is a dataset that contains relations between CPEs (Common Product Enumerator) and PURLs (Package URL).
  • Crypto_algorithms_open_dataset is a data set that includes a list of cryptography algorithms with an open source implementation. Originally it was the output of SCANOSS mining efforts across its entire SCANOSS KB, which includes all relevant open source software published. Today, the intention is to turn it into a collaborative project to enrich and maintain this data set, for a variety of use cases like export control, quantum safe or compliance with different regulations.

Welcome to you and the SCANOSS team!
Security and resilience are big topics, and it's good to have your views on the SCA market and organisation level of maturity or focus here.
SCA is part of the GGI Trust goal … your insights on refining or further developing this (and other goals) are very welcome!!