No more typing reviews! Try our Samantha, our new voice AI agent.

FOSSA vs Xygeni comparison

 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

FOSSA
Ranking in Software Composition Analysis (SCA)
11th
Average Rating
8.6
Reviews Sentiment
7.9
Number of Reviews
15
Ranking in other categories
No ranking in other categories
Xygeni
Ranking in Software Composition Analysis (SCA)
15th
Average Rating
9.0
Reviews Sentiment
7.0
Number of Reviews
4
Ranking in other categories
Application Security Tools (23rd), Software Supply Chain Security (14th), Application Security Posture Management (ASPM) (13th)
 

Mindshare comparison

As of July 2026, in the Software Composition Analysis (SCA) category, the mindshare of FOSSA is 2.4%, down from 3.2% compared to the previous year. The mindshare of Xygeni is 1.2%, up from 0.1% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Software Composition Analysis (SCA) Mindshare Distribution
ProductMindshare (%)
FOSSA2.4%
Xygeni1.2%
Other96.4%
Software Composition Analysis (SCA)
 

Featured Reviews

reviewer2588340 - PeerSpot reviewer
Senior Software Engineer at a manufacturing company with 10,001+ employees
Dependency management enhanced with update suggestions but lacks precise vulnerability tracking
FOSSA does not show the exact line of code with vulnerabilities, which adds time to the process as we have to locate these manually. Some other tools like Check Point or SonarQube provide exact line numbers for bugs. Also, the process in FOSSA can be quite contradicting and not very straightforward for new users.
AI
Business development manager at RSsecurity
Unified monitoring has reduced alert noise and provides accurate, proactive application security
Xygeni was highly effective for us, but there are areas where improvements could be made. More customization options for dashboards and reports would help teams tailor the platform to their specific metrics and workflows. I also occasionally encounter DevOps tools that are not yet supported natively. Expanded coverage for niche or emerging tools would make onboarding even smoother. These points, however, are minor compared to the overall value the platform delivers, especially given the strength of its AI-driven detection, remediation, and supply chain protection capabilities. It would also be an improvement for licensing with regard to on-premise variants. Perhaps we could have an on-premise option for standard subscription.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Prior to a Puppet Enterprise release, it would take approximately two to three weeks of dedicated engineering time by a single release engineer to go through license compliance, and we just did a release in late July or early August, and with FOSSA our license compliance review took five to ten minutes."
"It improves productivity, saving a lot of time for our software developers."
"Being able to know the licenses of the libraries is most valuable because we sell products, and we need to provide to the customers the licenses that we are using."
"FOSSA allows us to keep track of all dependencies to ensure they are up to date and not causing any vulnerabilities."
"The support team has just been amazing, and it helps us to have a great support team from FOSSA. They are there to triage and answer all our questions which come up by using their product."
"What I really need from FOSSA, and it does a really good job of this, is to flag me when there are particular open source licenses that cause me or our legal department concern. It points out where a particular issue is, where it comes from, and the chain that brought it in, which is the most important part to me."
"I found FOSSA's out-of-the-box policy engine to be accurate and that it was tuned appropriately to the settings that we were looking for. The policy engine is pretty straightforward... I find it to be very straightforward to make small modifications to, but it's very rare that we have to make modifications to it. It's easy to use. It's a four-category system that handles most cases pretty well."
"FOSSA is at the heart of the license compliance part of our open-source management program."
"The visibility of our open-source supply chain dependencies and real-time detection of vulnerabilities have been invaluable."
"Since using Xygeni, the time to review vulnerabilities has decreased."
"The best Xygeni feature is the ability to filter what is truly important, which really helps me focus on the key vulnerabilities in the software that I am building."
"Xygeni provides a comprehensive and developer-friendly approach to securing the entire software supply chain."
 

Cons

"I would like more customized categories because our company is so big. This is doable for them. They are still in the stages of trying to figure this out since we are one of their biggest companies that they support."
"FOSSA does not show the exact line of code with vulnerabilities, which adds time to the process as we have to locate these manually."
"While running a FOSSA scan, it takes time for the results to reflect in the FOSSA UI portal."
"I would like the FOSSA API to be broader. I would like not to have to interact with the GUI at all, to do the work that I want to do. I would like them to do API-first development, rather than a focus on the GUI."
"One thing that can sometimes be difficult with FOSSA is understanding all that it can do."
"One thing that can sometimes be difficult with FOSSA is understanding all that it can do. One of the ways that I've been able to unlock some of those more advanced features is through conversations with the absolutely awesome customer success team at FOSSA, but it has been a little bit difficult to find some of that information separately on my own through FAQs and other information channels that FOSSA has. The improvement is less about the product itself and more about empowering FOSSA customers to know and understand how to unlock its full potential."
"I wish there was a way that you could have a more global rollout of it, instead of having to do it in each repository individually. It's possible, that's something that is offered now, or maybe if you were using the CI Jenkins, you'd be able to do that. But with Travis, there wasn't an easy way to do that. At least not that I could find. That was probably the biggest issue."
"If you have thousands of applications, organizing them all into teams or tags is challenging."
"Xygeni was highly effective for us, but there are areas where improvements could be made."
"Xygeni can be more automated."
"Xygeni could be improved if on-premise options were available starting from the starter packages, not only the enterprise models."
"There should be more configuration options that make it easier to target the issues that are more important in your organization's context."
 

Pricing and Cost Advice

"The solution's cost is a five out of ten."
"Its price is reasonable as compared to the market. It is competitively priced in comparison to other similar solutions on the market. It is also quite affordable in terms of the value that it delivers as compared to its alternative of hiring a team."
"FOSSA is not cheap, but their offering is top-notch. It is very much a "you get what you pay for" scenario. Regardless of the price, I highly recommend FOSSA."
"FOSSA is a fairly priced product. It is not either cheaper or expensive. The pricing lies somewhere in the middle. The solution is worth the money that we are spending to use it."
"The solution's pricing is good and reasonable because you can literally use a lot of it for free."
Information not available
report
Use our free recommendation engine to learn which Software Composition Analysis (SCA) solutions are best for your needs.
902,894 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Manufacturing Company
19%
Financial Services Firm
13%
Comms Service Provider
8%
Educational Organization
7%
Comms Service Provider
22%
Outsourcing Company
11%
Security Firm
11%
Construction Company
10%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business5
Midsize Enterprise1
Large Enterprise8
No data available
 

Questions from the Community

What is your experience regarding pricing and costs for FOSSA?
The solution's pricing is good and reasonable because you can literally use a lot of it for free. You have to pay for the features you need, which I think is fair. If you want to get value for free...
What needs improvement with FOSSA?
FOSSA does not show the exact line of code with vulnerabilities, which adds time to the process as we have to locate these manually. Some other tools like Check Point or SonarQube provide exact lin...
What is your primary use case for FOSSA?
I have worked with FOSSA primarily to manage the dependencies in our projects. For example, if I take a Spring Boot application, FOSSA helps in identifying mismatches or unsupported dependencies th...
What is your experience regarding pricing and costs for Xygeni?
The pricing is reasonable. Xygeni provided me with the pricing list that is already public on the web, so it is very clear.
What needs improvement with Xygeni?
Xygeni can be more automated. The team is currently working on auto-remediation pipelines, which could be really helpful. There is probably room for improvement, but for me, it is one of the best t...
What is your primary use case for Xygeni?
I use Xygeni to perform SAST and SCA analysis, and to gain better understanding of how my deployment pipelines are configured. Xygeni helps me understand what I am deploying and the level of integr...
 

Comparisons

 

Interactive Demo

Demo not available
 

Overview

 

Sample Customers

AppDyanmic, Uber, Twitter, Zendesk, Confluent
BKool, Onum, Napptive, Fintonic, Adaion, Metricool, Arexdata, ...
Find out what your peers are saying about FOSSA vs. Xygeni and other solutions. Updated: June 2026.
902,894 professionals have used our research since 2012.