What is a FOSS Audit?
- 15 Jul 2020
- Business Security, Tech Due Diligence, Web Applications
Free and Open Source Software Audit
FOSS (Free and Open Source Software) is software that a developer can use to implement functionality without having to start from scratch.
Not all developers keep track of the software they use or read the licence properly, so it's important that licences and compliance are handled correctly. As a software project grows, those tasks can get tricky.
When buying, selling, getting investment or investing in a business it’s vital to know if the product has the correct licences.
A FOSS audit will analyse all code within a software project and find the licenses for that code.
These licenses will then be checked to see whether the code can be used and what implications there could be from using it.
Most of the code should be usable commercially, including with modification.
Some code may require fees to use commercially and some code may require certain stipulations to use, like having to submit all changes and improvements back to the open source project.
The audit will highlight any code with licences that will compromise the product, and uncover potential fees that business owners may not have known about.
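The discovery and checking steps described above can be illustrated with the following added example, which is not the auditor's own tooling: it reads `SPDX-License-Identifier` tags from source files and sorts each file into a policy bucket. The bucket assignments, the `LicenseRef-Commercial` id and the sample files are assumptions constructed for the illustration.

```python
import re

# Policy buckets are assumptions for this example; a real audit agrees them with counsel.
POLICY = {
    "MIT": "ok", "BSD-3-Clause": "ok", "Apache-2.0": "ok",
    "GPL-3.0-only": "obligations", "AGPL-3.0-only": "obligations",
    "LicenseRef-Commercial": "fee",  # hypothetical id for a paid component
}
RANK = ["ok", "obligations", "fee", "unknown"]  # least to most restrictive
SPDX_TAG = re.compile(r"SPDX-License-Identifier:\s*([^\n*]+)")

def classify(expression):
    """Classify a flat SPDX expression (ids joined by AND / OR, no parentheses)."""
    def bucket(part):
        # AND: every licence applies, so the most restrictive one decides.
        ids = [i.strip() for i in part.split(" AND ")]
        return max((POLICY.get(i, "unknown") for i in ids), key=RANK.index)
    # OR: the user may choose, so the least restrictive alternative decides.
    return min((bucket(p) for p in expression.split(" OR ")), key=RANK.index)

def audit(files):
    """Map each path to (expression, bucket); files without a tag are 'unknown'."""
    report = {}
    for path, text in files.items():
        match = SPDX_TAG.search(text)
        expr = match.group(1).strip() if match else None
        report[path] = (expr, classify(expr) if expr else "unknown")
    return report

def needs_review(report):
    """Paths whose licence carries obligations, fees, or could not be identified."""
    return sorted(p for p, (_, b) in report.items() if b != "ok")

# Constructed sample source tree (not taken from any real project).
SAMPLE = {
    "app/main.py": "# SPDX-License-Identifier: MIT\nprint('hi')\n",
    "vendor/codec.c": "/* SPDX-License-Identifier: GPL-3.0-only */\nint x;\n",
    "vendor/dual.js": "// SPDX-License-Identifier: MIT OR GPL-3.0-only\n",
    "vendor/pdf.py": "# SPDX-License-Identifier: LicenseRef-Commercial\n",
    "vendor/copied.c": "int helper(void) { return 1; }\n",
    "vendor/mix.c": "// SPDX-License-Identifier: Apache-2.0 AND AGPL-3.0-only\n",
}

if __name__ == "__main__":
    result = audit(SAMPLE)
    for path in needs_review(result):
        print(path, result[path])
```

Files with no tag at all, such as `vendor/copied.c` here, land in the `unknown` bucket and need manual tracing.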
Some issues related to using other code in a software project are:
- Operations issues: Updating FOSS components
- Security issues: Some FOSS code can carry malicious code
- Legal issues: Copyright and cost issues can arise
To audit your code, contact us to see how we can help.