SCANOSS and EACG Partner to Strengthen Open Source Compliance in the DACH Region

Collaboration expands SCANOSS risk intelligence into German-speaking markets through EACG

Madrid, Spain – SCANOSS, the open source risk intelligence platform, announces a new partnership with EACG, a Frankfurt-based consultancy recognised for its leadership in Software Supply Chain Security and compliance. The partnership expands SCANOSS’s presence across Germany, Austria, and Switzerland, enabling organisations to strengthen open source risk management as regulations tighten across Europe.

The collaboration focuses on giving businesses clear visibility into open source components and their cryptographic dependencies — a growing need as quantum computing threatens widely used algorithms such as RSA and ECC. By combining SCANOSS’s encryption intelligence with EACG’s advisory expertise, organisations gain practical tools to assess, manage, and enforce open source compliance across their software portfolios.

EACG’s TrustSource platform and open source ts-scan tool complement this approach, helping clients generate SBOMs enriched with cryptography risk intelligence. New policy capabilities, designed to identify and flag outdated or weak algorithms, further enhance resilience when paired with SCANOSS’s open source risk intelligence.

Together, SCANOSS and EACG are equipping enterprises and SMEs in the DACH region with the transparency and control needed to move beyond simple regulatory compliance checklists. The partnership ensures organisations can align with today’s compliance requirements while building resilience against the cryptographic and supply chain risks of tomorrow.

Contacts for EACG: