Choose from our datasets.
Get the OSS risk intelligence you need.
Layer them all together and get 360° visibility on your open source software.
LICENSES DATASET
Are you compliant with your license obligations?
Declared and undeclared code like plagiarised, hidden or AI-generated code can expose you to compliance risks.
SCANOSS’s license dataset provides actionable intelligence about license obligations, license compatibility, copyright notices, attributions and more.
Supporting all programming languages, SCANOSS is able to detect both declared and undeclared open source and dependencies in your code. Revealing everything from full components to files and snippets of open source. So that you can comply with your license obligations.
SECURITY DATASET
Do you have hidden security vulnerabilities?
Detect potential vulnerabilities in the declared open source dependencies that you know about, and the undeclared code you didn’t know about.
The SCANOSS Security dataset equips you with essential insights from reliable sources like the National Vulnerability Database (NVD), OSV, and GitHub Advisories.
As an API-first tool, SCANOSS enables customized real-time alerts, to ensure you stay informed about new threats, evaluate potential exploits, and plan for updates, helping you to prioritize remediation for all dependencies, not just the ones you know about.
ENCRYPTION DATASET
Is your encryption ready for the future?
Weak or outdated cryptography can risk confidentiality, security, and compliance with requirements like GDPR and HIPAA and export regulations. Prepare for quantum computing, which could render widely used algorithms obsolete.
The SCANOSS Encryption dataset provides a complete inventory of cryptographic algorithms in both your open source and proprietary code. Get insights into algorithm types and strength, enabling ECCN classification, regulatory compliance, and planning for quantum-resistant security.
GEO PROVENANCE DATASET
Do you know where your code comes from?
Third-party components can introduce unseen risks, especially if their source is uncertain.
The SCANOSS Geo Provenance dataset provides detailed intelligence on the origin of authorship of your open source software, and ownership of your code, including geographical provenance.
This helps verify the authenticity of libraries and dependencies. Maintain transparency, strengthen your software supply chain, and build trust with a secure, traceable codebase.
Built for DevSecOps
CLIs and webhooks for automation and CI/CD integration.
Work seamlessly within your console or coding environment with tools that integrate directly into your workflow. Built on open source software, our API-centric approach provides essential tools for SBOM creation and detailed OSS risk intelligence, including command-line interfaces (CLIs), webhooks, and software development kits (SDKs).
SCANOSS supports your favorite tools, from VS Code and IntelliJ to Jenkins and GitHub Actions, providing the flexibility and control you need to maintain compliance and streamline development. Unlock the full potential of your software development lifecycle with our integrated solutions.
