ZenGRC VS FOSSA

ZenGRC

ZenGRC is trusted by companies of all sizes including Salesforce, Google, Uber and Airbnb to manage compliance and risk management.

FOSSA

Open source license compliance and dependency analysis

Landing page //
2018-09-29

Landing page //
2023-09-17

ZenGRC 2 minute overview - Reciprocity

FOSSA videos

+ Add

Review: FOSSA 5.56 Flash Hider - White Sound Defense

Category Popularity

0-100% (relative to ZenGRC and FOSSA)

FOSSA

Governance, Risk And Compliance

100 100%

Governance, Risk And Compliance

0% 0

Security

0 0%

Security

100% 100

Security & Privacy

100 100%

Security & Privacy

0% 0

Code Analysis

0 0%

Code Analysis

100% 100

User comments

Share your experience with using ZenGRC and FOSSA. For example, how are they different and which one is better?

Social recommendations and mentions

Based on our record, FOSSA seems to be more popular. It has been mentiond 7 times since March 2021. We are tracking product recommendations and mentions on various public social media platforms and blogs. They can help you identify which product is more popular and what people think of it.

ZenGRC mentions (0)

We have not tracked any mentions of ZenGRC yet. Tracking of ZenGRC recommendations started around Mar 2021.

FOSSA mentions (7)

A list of SaaS, PaaS and IaaS offerings that have free tiers of interest to devops and infradev
FOSSA - Scalable, end-to-end management for third-party code, license compliance and vulnerabilities. - Source: dev.to / 3 months ago
The Haskell job market has been growing steaily since 2008
For us, there were a couple advantages. For context, I work at FOSSA (https://fossa.com/). Our core product solves software supply chain needs in enterprises (around licensing and security), and our core technology is around compiler, build, and source code analysis. Off the top of my head, 3 advantages stood out: 1. First, if you're not going that far off the beaten low-level path, Haskell has incredible... - Source: Hacker News / 10 months ago
How to Automate the Software Bill of Materials (SBOM)
In this example, we'll explain how to create SBOM with FOSSA, an open-source dependency management tool ranked as the most significant SCA solution by the Forrester Wave. It helps you protect your software from open source risks such as supply chain threats and license violations. - Source: dev.to / over 1 year ago
SBOM management
I saw https://fossa.com/ and https://anchore.com/ which seem to solve what I have in mind but I wanted to know if there's maybe an open source way of getting a better overview besides running trivy sbom everytime I want to know something about a given sbom file. Source: over 1 year ago
Keeping Up With Vulnerable Third-Party Libraries
Our current project runs a Fossa scan as part of the automatic pipeline. Source: almost 2 years ago

What are some alternatives?

When comparing ZenGRC and FOSSA, you can also consider the following products

SAP GRC - SAP solutions for governance, risk, and compliance (GRC) help companies minimize risk and stay in compliance with regulations.

Snyk - Snyk helps you use open source and stay secure. Continuously find and fix vulnerabilities for npm, Maven, NuGet, RubyGems, PyPI and much more.

AuditBoard - AuditBoard is a platform that offers compliance and audit management that allows auditors to analyze, manage, and report the business operations.

WhiteSource - Find & fix security and compliance issues in open source libraries in real-time.

EtQ Reliance - QMS integrates data to reduce risk and ensure compliance.

Black Duck Software Composition Analysis - Black Duck Software Composition Analysis (SCA) provides a solution for managing open source security, quality, and license compliance risks that comes from the use of open source and third-party code.

ZenGRC vs SAP GRC

ZenGRC vs Snyk

ZenGRC vs AuditBoard

ZenGRC vs WhiteSource

ZenGRC vs EtQ Reliance

ZenGRC vs Black Duck Software Composition Analysis

FOSSA vs EtQ Reliance

FOSSA vs Black Duck Software Composition Analysis