The first multiplatform
OSS auditing app.

Auditing your source code for license compliance has never been easier. Simply download the SCANOSS Audit Workbench and scan your source code directory to find and identify open source components. Generate your SPDX-Lite software bill of materials (SBOM) with the press of a button.

Also available on

Analyzes your source code
on the spot, fast, secure and anonymously.

Cryptographic fingerprints are obtained from your source code and sent to the public OSS Knowledgebase API for comparison.

This means that your code is analyzed on the spot, without ever leaving your computer. Audit Workbench requires no user authentication and our servers are 100% stateless, which means your analysis is performed in an absolute anonymous fashion.

Audit your source code in no time!

Using the latest UX practices & technologies, you can enjoy an agile and modern user interface that will allow you to thoroughly audit your source code in no time at all. You can easily spot even small code fragments that have been "borrowed" from websites or Open Source projects.

You can easily spot even small code fragments that have been "borrowed" from websites or Open Source projects.

Continuous component identification
and SBOM

Built specifically
for development teams

Empower developers to confidently produce compliant code, while providing greater license visibility to the team.

Fully configurable and 100%
Open Source

No proprietary algorithms, no closed binaries and definitely no corporate source code. Everything is entirely open and available.

Architected for speed
and velocity

‘Start left’ in the development lifecycle by performing continuous validations instead of waiting on one final audit at the end.

Open Source Knowledge Base

(OSSKB)

It’s big.

3 trillion

lines of known OSS code

100 billion

individual OSS files

121 million

known OSS URLs

Get in Touch

100% Open Source Platform architecture

Shouldn’t all SCA tooling used to scan for Open Source code actually be Open Source themselves?

Open Inventorying Engine

To analyze & compare Open Source Code snippets, filers or Winnowing fingerprints.

Open SBOM

Continuously generate an open Software Bill of Materials. Store your SBOM in SPDX or CycloneDX.

Open Indexing Algorithm

Using an open algorithm called ‘winnowing’ to store OSS files, snippets & code.

Open RESTful API

Client side applications and middleware can leverage this API to interact with the SCANOSS Engine.

Open Database Engine

Your query performance is critical. Our Knowledge Base has already passed 2 trillion fingerprints.

Open Webhooks & CLI

Trigger secure source code analysis with every git push using webhooks or embed it into your CI/CD pipelines using the CLI.

An ‘always on’ SBOM

A continuous snapshot of ‘live’ code. No more waiting around for an audit to finish

Continuous SBOM creation and license compliance updates
Directly actionable for any developer v.s. a small army of auditors.
Frictionless SBOM communication up & down the supply chain.

"Fully integrated into your
Development Tools
and Processes"

100% Open architecture allows for easy integrations
Native support for most DevOps toolchains
Integrate with existing SCA tooling without overlap (e.g. SPDX)
Open data architecture allows for comparable results

Open Source auditing is finally
available to everyone!

Audit Workbench is a desktop app that requires no installation and runs on-the-fly on any Windows, OSX or Linux computer.

Also available on

Analyzes your source code on the spot, fast, secure and anonymously.

Audit your source code in no time!

It’s big.

An ‘always on’ SBOM

"Fully integrated into your Development Tools and Processes"

Ready to facilitate the next wave of Open Source adoption?

Analyzes your source code
on the spot, fast, secure and anonymously.

"Fully integrated into your
Development Tools
and Processes"