No more typing reviews! Try our Samantha, our new voice AI agent.

Apiiro vs FOSSA comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Nov 5, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Apiiro
Ranking in Software Composition Analysis (SCA)
19th
Average Rating
8.0
Reviews Sentiment
5.9
Number of Reviews
3
Ranking in other categories
Static Application Security Testing (SAST) (27th), API Security (17th), Software Supply Chain Security (11th), Risk-Based Vulnerability Management (21st), Application Security Posture Management (ASPM) (11th)
FOSSA
Ranking in Software Composition Analysis (SCA)
11th
Average Rating
8.6
Reviews Sentiment
7.9
Number of Reviews
15
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of July 2026, in the Software Composition Analysis (SCA) category, the mindshare of Apiiro is 2.4%, up from 2.0% compared to the previous year. The mindshare of FOSSA is 2.4%, down from 3.2% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Software Composition Analysis (SCA) Mindshare Distribution
ProductMindshare (%)
FOSSA2.4%
Apiiro2.4%
Other95.2%
Software Composition Analysis (SCA)
 

Featured Reviews

Kunal M - PeerSpot reviewer
Capability Center Leader, ETRM Platforms at Shell
Comprehensive risk analysis helps identify key performance trends but report access needs improvement
My first feedback for Apiiro is that it is very slow, extremely slow. The moment I select from the entire list of repositories in my vertical, which is almost more than 400 repositories, it takes a lot of time for me to load the report. Sometimes it fails. I do not have Role-Based Access Control (RBAC). It's only given to the application security team, and Apiiro as a vendor does not have the rollback access control enabled for the clients, so that would have given me access to the reports tab, which would have made my life easier. Currently, I have to go to the risks tab to pull out all this information. I started exploring dashboards with Copilot. I need to reach out to the Apiiro teams to see if I can get an access token so that I can pull out a Power BI dashboard. I think Apiiro definitely has its own capabilities, but if there are access tokens that teams can use to build a custom dashboard, that would be great. This might already exist, but that is something which will ease the vulnerability management day-to-day activities.
reviewer2588340 - PeerSpot reviewer
Senior Software Engineer at a manufacturing company with 10,001+ employees
Dependency management enhanced with update suggestions but lacks precise vulnerability tracking
FOSSA does not show the exact line of code with vulnerabilities, which adds time to the process as we have to locate these manually. Some other tools like Check Point or SonarQube provide exact line numbers for bugs. Also, the process in FOSSA can be quite contradicting and not very straightforward for new users.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Apiiro's secrets detection feature has saved us several times, which we appreciate greatly."
"The workflow automation is likely the best aspect of the solution."
"The positive impact I have seen from working with Apiiro for my company includes the metrics that we get from Apiiro, which have been extremely helpful."
"FOSSA is well worth the investment; it is an opportunity to scale your operations, especially for a legal team to maintain pace with your technical teams in a cost-efficient way."
"The scalability is excellent."
"FOSSA suggests solutions for dependency mismatches."
"I am impressed with the tool’s seamless integration and quick results."
"FOSSA allows us to keep track of all dependencies to ensure they are up to date and not causing any vulnerabilities."
"Policies and identification of open-source licensing issues are the most valuable features. It reduces the time needed to identify open-source software licensing issues."
"Overall, it's a great product."
"The most valuable feature is definitely the ease and speed of integrating into build pipelines, like a Jenkins pipeline or something along those lines. The ease of a new development team coming on board and integrating FOSSA with a new project, or even an existing project, can be done so quickly that it's invaluable and it's easy to ask the developers to use a tool like this. Those developers greatly value the very quick feedback they get on any licensing or security vulnerability issues."
 

Cons

"My first feedback for Apiiro is that it is very slow, extremely slow."
"User management is a little bit clunky."
"I would like support for our self-hosted Git server, other than GitHub, just regular Git."
"For open-source management, FOSSA's out-of-the-box policy engine is easy to use, but the list of licenses is not as complete as we would like it to be. They should add more open-source licenses to the selection."
"If you have thousands of applications, organizing them all into teams or tags is challenging."
"I would like more customized categories because our company is so big."
"The technical support has room for improvement."
"FOSSA does not show the exact line of code with vulnerabilities, which adds time to the process as we have to locate these manually."
"I would like the FOSSA API to be broader. I would like not to have to interact with the GUI at all, to do the work that I want to do. I would like them to do API-first development, rather than a focus on the GUI."
"Security scanning is an area for improvement. At this point, our experience is that we're only scanning for license information in components, and we're not scanning for security vulnerability information. We don't have access to that data. We use other tools for that. It would be an improvement for us to use one tool instead of two, so that we just have to go through one process instead of two."
"I would like more customized categories because our company is so big. This is doable for them. They are still in the stages of trying to figure this out since we are one of their biggest companies that they support."
 

Pricing and Cost Advice

Information not available
"FOSSA is a fairly priced product. It is not either cheaper or expensive. The pricing lies somewhere in the middle. The solution is worth the money that we are spending to use it."
"The solution's cost is a five out of ten."
"The solution's pricing is good and reasonable because you can literally use a lot of it for free."
"FOSSA is not cheap, but their offering is top-notch. It is very much a "you get what you pay for" scenario. Regardless of the price, I highly recommend FOSSA."
"Its price is reasonable as compared to the market. It is competitively priced in comparison to other similar solutions on the market. It is also quite affordable in terms of the value that it delivers as compared to its alternative of hiring a team."
report
Use our free recommendation engine to learn which Software Composition Analysis (SCA) solutions are best for your needs.
902,894 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
17%
Manufacturing Company
11%
Construction Company
8%
Energy/Utilities Company
7%
Manufacturing Company
19%
Financial Services Firm
13%
Comms Service Provider
8%
Educational Organization
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
By reviewers
Company SizeCount
Small Business5
Midsize Enterprise1
Large Enterprise8
 

Questions from the Community

What needs improvement with Apiiro?
One area Apiiro could improve is reporting customization and dashboard flexibility with more advanced filtering and easier communication.
What is your primary use case for Apiiro?
Apiiro is primarily used for code scanning and integration with source code control. The main use cases include code scanning and code snippet analysis. Apiiro provides security and visibility by h...
What advice do you have for others considering Apiiro?
I would highly recommend Apiiro and a clear understanding of the API landscape and integration requirements before implementing it. Apiiro provides the most value to organizations that have multipl...
What is your experience regarding pricing and costs for FOSSA?
The solution's pricing is good and reasonable because you can literally use a lot of it for free. You have to pay for the features you need, which I think is fair. If you want to get value for free...
What needs improvement with FOSSA?
FOSSA does not show the exact line of code with vulnerabilities, which adds time to the process as we have to locate these manually. Some other tools like Check Point or SonarQube provide exact lin...
What is your primary use case for FOSSA?
I have worked with FOSSA primarily to manage the dependencies in our projects. For example, if I take a Spring Boot application, FOSSA helps in identifying mismatches or unsupported dependencies th...
 

Comparisons

 

Also Known As

Apiiro Control Plane (ASOC), Apiiro API Security (SAST), Apiiro Open Source (SCA)
No data available
 

Overview

 

Sample Customers

Morgan Stanley, Rakuten, Jack Henry, SoFi, Colgate, Navan
AppDyanmic, Uber, Twitter, Zendesk, Confluent
Find out what your peers are saying about Apiiro vs. FOSSA and other solutions. Updated: June 2026.
902,894 professionals have used our research since 2012.