FOSSA vs FlexNet Code Insight comparison

Revenera and FOSSA are both solutions in the Software Composition Analysis (SCA) category. Revenera is ranked #21, while FOSSA is ranked #10 with an average rating of 8.0. Revenera holds a 0.7% mindshare in SCA, compared to FOSSA’s 3.7% mindshare. Additionally, 92% of FOSSA users are willing to recommend the solution.

FlexNet Code Insight

Read 1 FlexNet Code Insight review

287 Views
225 Comparison Views

0% willing to recommend

FOSSA

Read 15 FOSSA reviews

2,420 Views
1,585 Comparison Views

92% willing to recommend

FlexNet Code Insight

FOSSA

Comparison Buyer's Guide

Download the report

Executive Summary

We performed a comparison between FlexNet Code Insight and FOSSA based on real PeerSpot user reviews.

Find out what your peers are saying about Black Duck, Veracode, Snyk and others in Software Composition Analysis (SCA).

To learn more, read our detailed Software Composition Analysis (SCA) Report (Updated: October 2024).

Buyer's Guide

Software Composition Analysis (SCA)

October 2024

Download the complete report

Helped 814,763 peers since 2012

Categories and Ranking

FlexNet Code Insight

Ranking in Software Composition Analysis (SCA)

21st

Average Rating

4.0

Number of Reviews

Ranking in other categories

No ranking in other categories

FOSSA

Ranking in Software Composition Analysis (SCA)

10th

Average Rating

8.6

Number of Reviews

Ranking in other categories

No ranking in other categories

Mindshare comparison

As of November 2024, in the Software Composition Analysis (SCA) category, the mindshare of FlexNet Code Insight is 0.7%, up from 0.6% compared to the previous year. The mindshare of FOSSA is 3.7%, down from 4.5% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Software Composition Analysis (SCA)

Featured Reviews

it_user1061121

Works

Apr 11, 2019

A decent web interface for reports, but the snippet style code matching requires too much effort

I was trying to assess our third party software risks and license risk. We also wanted to ensure we had proper third party license compliance After about a year, we never really institutionalized the reports and review data coming from Flexera due to a number of issues. Some of those issues were…

Read full review

Hanumanth Ramsetty

Software Engineer at Tech Mahindra Limited

Oct 24, 2024

Proactively mitigate deployment vulnerabilities with seamless dependency tracking

In our current project, we are using FOSSA as part of our CI/CD pipeline. It is used to scan our projects to ensure that our dependencies are up to date and do not introduce vulnerabilities to our code Before using FOSSA, we could only identify issues after deployment in the Cloud Run. Now, with…

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"It had a web interface into the reporting tools that was decent, and open source components could be reported per project and/or aggregated similar to other software composition tools."

"The support team has just been amazing, and it helps us to have a great support team from FOSSA. They are there to triage and answer all our questions which come up by using their product."

"FOSSA allows us to keep track of all dependencies to ensure they are up to date and not causing any vulnerabilities."

"The scalability is excellent."

"FOSSA provided us with contextualized, easily actionable intelligence that alerted us to compliance issues. I could tell FOSSA exactly what I cared about and they would tell me when something was out of policy. I don't want to hear from the compliance tool unless I have an issue that I need to deal with. That was what was great about FOSSA is that it was basically "Here's my policy and only send me an alert if there's something without a policy." I thought that it was really good at doing that."

"The most valuable feature is definitely the ease and speed of integrating into build pipelines, like a Jenkins pipeline or something along those lines. The ease of a new development team coming on board and integrating FOSSA with a new project, or even an existing project, can be done so quickly that it's invaluable and it's easy to ask the developers to use a tool like this. Those developers greatly value the very quick feedback they get on any licensing or security vulnerability issues."

"The most valuable feature is its ability to identify all of the components in a build, and then surface the licenses that are associated with it, allowing us to make a decision as to whether or not we allow a team to use the components. That eliminates the risk that comes with running consumer software that contains open source components."

"Their CLI tool is very efficient. It does not send your source code over to their servers. It just does fingerprinting. It is also very easy to integrate into software development practices."

"FOSSA suggests solutions for dependency mismatches."

More FOSSA pros

Cons

"I found the user interface cumbersome and difficult to use."

"The technical support has room for improvement."

"For open-source management, FOSSA's out-of-the-box policy engine is easy to use, but the list of licenses is not as complete as we would like it to be. They should add more open-source licenses to the selection."

"On the legal and policy sides, there is some room for improvement. I know that our legal team has raised complaints about having to approve the same dependency multiple times, as opposed to having them it across the entire organization."

"I want the product to include binary scanning which is missing at the moment. Binary scanning includes code and component matching through dependency management. It also includes the actual scanning and reverse engineering of the boundaries and finding out what is inside."

"The solution provides contextualized, actionable, intelligence that alerts us to compliance issues, but there is still a little bit of work to be done on it. One of the issues that I have raised with FOSSA is that when it identifies an issue that is an error, why is it in error? What detail can they give to me? They've improved, but that still needs some work. They could provide more information that helps me to identify the dependencies and then figure out where they originated from."

"I would like more customized categories because our company is so big. This is doable for them. They are still in the stages of trying to figure this out since we are one of their biggest companies that they support."

"I wish there was a way that you could have a more global rollout of it, instead of having to do it in each repository individually. It's possible, that's something that is offered now, or maybe if you were using the CI Jenkins, you'd be able to do that. But with Travis, there wasn't an easy way to do that. At least not that I could find. That was probably the biggest issue."

"We have seen some inaccuracies or incompleteness with the distribution acknowledgments for an application, so there's certainly some room for improvement there. Another big feature that's missing that should be introduced is snippet matching, meaning, not just matching an entire component, but matching a snippet of code that had been for another project and put in different files that one of our developers may have created."

More FOSSA cons

Pricing and Cost Advice

Information not available

"FOSSA is a fairly priced product. It is not either cheaper or expensive. The pricing lies somewhere in the middle. The solution is worth the money that we are spending to use it."

"The solution's pricing is good and reasonable because you can literally use a lot of it for free."

"Its price is reasonable as compared to the market. It is competitively priced in comparison to other similar solutions on the market. It is also quite affordable in terms of the value that it delivers as compared to its alternative of hiring a team."

"FOSSA is not cheap, but their offering is top-notch. It is very much a "you get what you pay for" scenario. Regardless of the price, I highly recommend FOSSA."

"The solution's cost is a five out of ten."

See which vendors are best for you

Use our free recommendation engine to learn which Software Composition Analysis (SCA) solutions are best for your needs.

See recommendations

814,763 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Manufacturing Company

23%

Computer Software Company

21%

Real Estate/Law Firm

11%

Financial Services Firm

10%

Manufacturing Company

28%

Computer Software Company

15%

Financial Services Firm

13%

Healthcare Company

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

No data available

Questions from the Community

Ask a question

Earn 20 points

What do you like most about FOSSA?

I am impressed with the tool’s seamless integration and quick results.

See all answers

What is your experience regarding pricing and costs for FOSSA?

The solution's pricing is good and reasonable because you can literally use a lot of it for free. You have to pay for the features you need, which I think is fair. If you want to get value for free...

See all answers

What needs improvement with FOSSA?

If you have thousands of applications, organizing them all into teams or tags is challenging. There is a point where you start using FOSSA at a very large scale, and the user interface needs to adj...

See all answers

Comparisons

Black Duck vs FlexNet Code Insight

Compared 81% of the time

Mend.io vs FlexNet Code Insight

Compared 19% of the time

More FlexNet Code Insight Competitors

Black Duck vs FOSSA

Compared 45% of the time

Snyk vs FOSSA

Compared 17% of the time

Mend.io vs FOSSA

Compared 12% of the time

JFrog Xray vs FOSSA

Compared 7% of the time

Fortify Static Code Analyzer vs FOSSA

Compared 6% of the time

More FOSSA Competitors

Product Reports

Buyer's Guide

Software Composition Analysis (SCA)

October 2024

Download FlexNet Code Insight product report

Buyer's Guide

FOSSA

November 2024

Download FOSSA product report

Learn More

Video not available

Revenera

Video not available

FOSSA

Overview

FlexNet Code Insight is a single integrated solution for open source license compliance and security. Find vulnerabilities and remediate associated risk, while you build your products and during their lifecycle. Manage open source license compliance. And add automation to your processes and implement a formal OSS strategy and policy that balances business benefits and risk management.

Up to 90% of any piece of software is from open source, creating countless dependencies and areas of risk to manage. FOSSA is the most reliable automated policy engine for legal teams to maintain license compliance, security to fix vulnerabilities, and engineering to improve code quality across the entire software supply chain. As the only developer-native open source management platform, FOSSA fully integrates with your existing CI/CD pipeline to provide complete visibility and context earlier in the software development lifecycle. For the first time, teams can collaboratively shift left and audit, analyze, control, and remediate license issues and vulnerabilities right in their existing workflows.

Sample Customers

Information Not Available

AppDyanmic, Uber, Twitter, Zendesk, Confluent

Buyer's Guide

Software Composition Analysis (SCA)

October 2024

Download Free Report

Find out what your peers are saying about Black Duck, Veracode, Snyk and others in Software Composition Analysis (SCA). Updated: October 2024.

DOWNLOAD NOW

814,763 professionals have used our research since 2012.

See our list of best Software Composition Analysis (SCA) vendors.

We monitor all Software Composition Analysis (SCA) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.