FOSSA Partners with SCANOSS to Help Organisations Manage AI Coding Risks
- Giuliana Bruni
- Sep 4
Technology partnership equips engineering and legal teams with new capabilities to manage IP risks from AI coding tools.
Madrid, Spain — FOSSA has formed a technology partnership with SCANOSS to provide customers advanced safeguards against legal risks associated with the use of AI coding tools. This partnership gives FOSSA users deeper visibility into code components while drawing on the scale and accuracy of SCANOSS’s open source risk intelligence platform. The collaboration marks the start of a focused technology partnership built to help organizations stay ahead of emerging copyright and license compliance risks.
As AI-generated code becomes a standard part of modern development workflows, a long-standing intellectual property concern is becoming harder to manage: developers using AI coding tools may unknowingly violate open source license terms. GitHub reports that, in files where Copilot is enabled, nearly 40% of the code is written by the tool—particularly in popular languages like Python—underscoring how deeply AI is embedded in everyday coding. At the same time, the Software Transparency Foundation has found that roughly 1–5% of LLM-generated code is highly similar to open source, and up to ~30% shows some degree of overlap when permissive similarity measures are applied. These fragments often lack clear attribution or licensing, introducing silent legal and operational exposure. By supporting detection at the snippet level, this integration gives teams the clarity needed to act on what AI may have copied, not just what it built.
“As a growing number of engineering teams adopt AI coding tools, we’ve heard concerns from many of our customers about the license compliance implications. Combining SCANOSS’ snippet detection techniques with our deep license knowledgebase and proven license compliance management workflows gives FOSSA users a powerful solution to manage IP risks without slowing development.” — Kevin Wang, CEO of FOSSA
“Partnering with FOSSA amplifies our role as a trusted data provider at the heart of the open source ecosystem. By combining SCANOSS’s unique data capabilities with FOSSA’s precision OSS intelligence, we’re creating more than just an integration—we’re unlocking new levels of value for the entire community. Together, we can deliver richer, more accessible insights that help developers, maintainers, and toolmakers thrive.” — Alan Facey, CEO of SCANOSS.
About FOSSA
FOSSA is a leading application security and compliance platform that specializes in helping engineering teams deliver trusted software. Founded in 2015, FOSSA is trusted by thousands of global organizations, has been downloaded nearly two million times, and has conducted nearly 100 million scans of open source software. Learn more at https://fossa.com
About SCANOSS
SCANOSS is the open source risk intelligence platform built for integration. Powered by the world’s largest OSS knowledge base, SCANOSS delivers real-time risk signals across the software development lifecycle. Learn more at scanoss.com
