No more typing reviews! Try our Samantha, our new voice AI agent.

Debricked Security vs FOSSA comparison

 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Debricked Security
Ranking in Software Composition Analysis (SCA)
23rd
Average Rating
0.0
Reviews Sentiment
8.4
Number of Reviews
1
Ranking in other categories
Vulnerability Management (114th)
FOSSA
Ranking in Software Composition Analysis (SCA)
11th
Average Rating
8.6
Reviews Sentiment
7.9
Number of Reviews
15
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of July 2026, in the Software Composition Analysis (SCA) category, the mindshare of Debricked Security is 1.2%, up from 0.9% compared to the previous year. The mindshare of FOSSA is 2.4%, down from 3.2% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Software Composition Analysis (SCA) Mindshare Distribution
ProductMindshare (%)
FOSSA2.4%
Debricked Security1.2%
Other96.4%
Software Composition Analysis (SCA)
 

Featured Reviews

Jonathan Steyn - PeerSpot reviewer
Principal Technical Consultant at EOH
Allows for organizations and projects to manage open source vulnerabilities in an efficient, smooth and secure way
Debricked Security has already implemented several improvements, which are great. One area that could be improved is simplifying the process of converting other SBOM data formats into files that Debricked can understand. While the conversion isn't difficult, it is pretty technical and could be challenging for non-technical users. Apart from that, all software features work seamlessly. The integration with endpoints took less than fifteen minutes, and everything from security conventions to automation rules works perfectly. As for AI, Debricked Security uses it effectively, reducing manual work and unnecessary analysis. It enhances data analysis, making it much easier for customers, which I appreciate about the tool.
reviewer2588340 - PeerSpot reviewer
Senior Software Engineer at a manufacturing company with 10,001+ employees
Dependency management enhanced with update suggestions but lacks precise vulnerability tracking
FOSSA does not show the exact line of code with vulnerabilities, which adds time to the process as we have to locate these manually. Some other tools like Check Point or SonarQube provide exact line numbers for bugs. Also, the process in FOSSA can be quite contradicting and not very straightforward for new users.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"One of the most valuable features of Debricked Security is its ability to integrate with other tools like the Software Security Center and Fortify on Demand. This integration allows users to make comparisons and generate detailed reports based on the data that Debricked Security populates or aggregates. While this feature may not be unique, it is highly effective for detecting vulnerabilities and providing comprehensive insights."
"I am impressed with the tool’s seamless integration and quick results."
"FOSSA is at the heart of the license compliance part of our open-source management program."
"It improves productivity, saving a lot of time for our software developers."
"FOSSA suggests solutions for dependency mismatches."
"FOSSA is not cheap, but their offering is top-notch."
"The scalability is excellent."
"FOSSA is easy to use and set up, provides relatively accurate results, and doesn't require armies of people to get value from its use."
"I found FOSSA's out-of-the-box policy engine to be accurate and that it was tuned appropriately to the settings that we were looking for. The policy engine is pretty straightforward... I find it to be very straightforward to make small modifications to, but it's very rare that we have to make modifications to it. It's easy to use. It's a four-category system that handles most cases pretty well."
 

Cons

"Debricked Security has already implemented several improvements, which are great. One area that could be improved is simplifying the process of converting other SBOM data formats into files that Debricked can understand. While the conversion isn't difficult, it is pretty technical and could be challenging for non-technical users. Apart from that, all software features work seamlessly. The integration with endpoints took less than fifteen minutes, and everything from security conventions to automation rules works perfectly. As for AI, Debricked Security uses it effectively, reducing manual work and unnecessary analysis. It enhances data analysis, making it much easier for customers, which I appreciate about the tool."
"One thing that can sometimes be difficult with FOSSA is understanding all that it can do. One of the ways that I've been able to unlock some of those more advanced features is through conversations with the absolutely awesome customer success team at FOSSA, but it has been a little bit difficult to find some of that information separately on my own through FAQs and other information channels that FOSSA has. The improvement is less about the product itself and more about empowering FOSSA customers to know and understand how to unlock its full potential."
"I would like more customized categories because our company is so big. This is doable for them. They are still in the stages of trying to figure this out since we are one of their biggest companies that they support."
"The solution provides contextualized, actionable, intelligence that alerts us to compliance issues, but there is still a little bit of work to be done on it. One of the issues that I have raised with FOSSA is that when it identifies an issue that is an error, why is it in error? What detail can they give to me? They've improved, but that still needs some work. They could provide more information that helps me to identify the dependencies and then figure out where they originated from."
"On the dashboard, there should be an option to increase the column width so that we can see the complete name of the GitHub repository. Currently, on the dashboard, we see the list of projects, but to see the complete name, you have to hover your mouse over an item, which is annoying."
"One thing that can sometimes be difficult with FOSSA is understanding all that it can do."
"While running a FOSSA scan, it takes time for the results to reflect in the FOSSA UI portal."
"We have seen some inaccuracies or incompleteness with the distribution acknowledgments for an application, so there's certainly some room for improvement there. Another big feature that's missing that should be introduced is snippet matching, meaning, not just matching an entire component, but matching a snippet of code that had been for another project and put in different files that one of our developers may have created."
"The reports don't really work that well for us. They do provide good information but they perform poorly with either the number of projects, or components, in the system."
 

Pricing and Cost Advice

"Regarding the cost, in my country, I would say it is expensive. However, I’m not directly involved in the sales process, so I don't have the exact license costs."
"The solution's pricing is good and reasonable because you can literally use a lot of it for free."
"FOSSA is not cheap, but their offering is top-notch. It is very much a "you get what you pay for" scenario. Regardless of the price, I highly recommend FOSSA."
"Its price is reasonable as compared to the market. It is competitively priced in comparison to other similar solutions on the market. It is also quite affordable in terms of the value that it delivers as compared to its alternative of hiring a team."
"FOSSA is a fairly priced product. It is not either cheaper or expensive. The pricing lies somewhere in the middle. The solution is worth the money that we are spending to use it."
"The solution's cost is a five out of ten."
report
Use our free recommendation engine to learn which Software Composition Analysis (SCA) solutions are best for your needs.
904,836 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Construction Company
20%
Computer Software Company
13%
Financial Services Firm
10%
Comms Service Provider
8%
Manufacturing Company
19%
Financial Services Firm
13%
Comms Service Provider
9%
Educational Organization
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
By reviewers
Company SizeCount
Small Business5
Midsize Enterprise1
Large Enterprise8
 

Questions from the Community

What is your experience regarding pricing and costs for Debricked Security?
Regarding the cost, in my country, I would say it is expensive. However, I’m not directly involved in the sales process, so I don't have the exact license costs.
What needs improvement with Debricked Security?
Debricked Security has already implemented several improvements, which are great. One area that could be improved is simplifying the process of converting other SBOM data formats into files that De...
What is your primary use case for Debricked Security?
I initially did proof of value or concept walkthroughs of Debricked Security for the customer. I demonstrated the value of Debricked and how it enhances their current security architecture. With my...
What is your experience regarding pricing and costs for FOSSA?
The solution's pricing is good and reasonable because you can literally use a lot of it for free. You have to pay for the features you need, which I think is fair. If you want to get value for free...
What needs improvement with FOSSA?
FOSSA does not show the exact line of code with vulnerabilities, which adds time to the process as we have to locate these manually. Some other tools like Check Point or SonarQube provide exact lin...
What is your primary use case for FOSSA?
I have worked with FOSSA primarily to manage the dependencies in our projects. For example, if I take a Spring Boot application, FOSSA helps in identifying mismatches or unsupported dependencies th...
 

Comparisons

 

Overview

 

Sample Customers

Information Not Available
AppDyanmic, Uber, Twitter, Zendesk, Confluent
Find out what your peers are saying about Veracode, Snyk, Black Duck and others in Software Composition Analysis (SCA). Updated: June 2026.
904,836 professionals have used our research since 2012.