nexB offers software audit services for companies who need help determining what open source software is in their products and systems.
We call this software provenance analysis because you need to know where a software component comes from ("origin") in order to know its license - this is quite similar to concepts behind provenance for a work of art.
We offer a wide range of software audit services. We frequently perform a comprehensive turnkey analysis for an acquisition due diligence audit project or a product baseline. If you perform the analysis yourself, then we can assist you with implementing your internal processes and tools for software component identification and management.
With the full-service approach, we perform the provenance analysis with minimal impact on the product team and provide you with a concise report detailing any issues, practical remediation actions for those issues and a complete Software BOM (and/or Inventory) for the product.
If you decide to perform software audit analysis internally, we can assist you with the configuration of our open source ScanCode tools in your software development environment and also provide our expertise on-demand for more complex software provenance questions.
Thanks and this was our pleasure to work with you and your team, really professional and impressive analysis.
Senior Director Data Security Group development & architecture
Thank you for the expert guidance nexB provided to us. It made the whole evaluation process much smoother and it was exactly what we needed. We would definitely recommend nexB as an independent third-party for open-source software M&A due diligence.
Head of Corporate Strategy
I will most definitely be remembering nexB, as I was very impressed by your scan, and how smooth the process was.
CTO & Founder