Docs
DocsAPICLIGlossary
Launch App
User Guides
Product Guides
ComplianceSecurityQualitySBOM Managementfossabot
Get Started
Project Setup
Release Groups
Issues
Licenses
Vulnerabilities
Quality
SBOM
Policies
Reports
FOSSA CLI
API Reference
Integrations
fossabot
Organization Management
On-Premises Deployment
Help & Support
Legal
Get Supportfossa.com
DocsProduct GuidesSecurity

Security

Find, prioritize, and fix vulnerabilities across your dependencies.

4 min read
Prerequisites: At least one project imported and scanning.

Start here

For Security Teams

Step-by-step onboarding path

What's inside

Reviewing Security Issues

Triage security vulnerabilities across all your projects from a single Issues inbox.

Read more

Security Policies

Define which vulnerability severities trigger issues and gate builds.

Read more

Container Scanning

Scan container images for vulnerabilities in base layers and dependencies.

Read more

Remediation Guidance

Get a prioritized upgrade plan that fixes the most vulnerabilities with fewest changes.

Read more

Binary / Decomp Analysis

Identify open source and vulnerabilities in compiled binaries and archives.

Read more

Key concepts

How FOSSA sources vulnerability data

FOSSA aggregates CVE data from NVD, GitHub Security Advisories, and its own review.

SBOM vulnerability detection

How FOSSA scans imported SBOMs for known vulnerabilities.

© 2026 FOSSA, Inc.support@fossa.com