Best Dependency Security · pricing · Updated June 2026
FOSSA pricing (2026)
FOSSA starts at $0/mo (Free), across 3 plans. Best for license compliance. Every figure links to FOSSA's own page and the date we captured it.
At a glance
- Entry price: $0/mo (Free)
- Free tier: Yes
- Compliance: HIPAA — · SOC 2 Yes · GDPR —
- Best for: license compliance; SBOM management; legal/compliance teams; regulated industries requiring attribution reports
FOSSA plans & pricing
| Plan | Monthly | Annual | Billing | Notes | Source |
|---|---|---|---|---|---|
| Free | $0 | — | flat | Forever free. 5 projects, 10 contributing developers, 1 release group, 5 dependency levels, 1 quality check (outdated packages), 5 imported SBOMs. Includes container scanning, basic email support, API access, SBOM export. | fossa.com |
| Business | $20 | −10% | flat | $20 PER PROJECT/month billed annually (priced per project, NOT per developer). Up to 10 projects, 10 contributing developers, 1 release group, unlimited dependency levels, full quality check suite, unlimited imported SBOMs. Automated license and vulnerability scanning, multi-project reporting, priority support. ~10% savings with annual billing. | fossa.com |
| Enterprise | Quote-only | — | custom | Custom pricing, contact sales. Unlimited projects, custom developer count, unlimited release groups and dependency levels. Adds enterprise APIs, SSO, RBAC, custom deployment options, advanced compliance reporting. Optional add-ons: Snippet Scanning, Binary Scanning. | fossa.com |
Last verified 2026-06-18. Pricing re-verified at fossa.com/pricing on 2026-06-18. Free $0, Business $20 PER PROJECT/month (billed annually) — not per developer — Enterprise quote-only. SOC 2 confirmed via fossa.com/trust; HIPAA not stated.
Capabilities
Integrations: GitHub, GitLab, Bitbucket, Jenkins, GitHub Actions, Jira, Docker.
Key features: License compliance focus with deep dependency-level analysis; SBOM import and export across all tiers including free; Snippet scanning for AI-generated and unlicensed code (Enterprise add-on); Binary scanning for compiled artifacts and containers (Enterprise add-on).
Plan limits: Free: 5 projects, 10 developers, 5 imported SBOMs, 1 quality check. Business: 10 projects, 10 developers, annual billing required, priced per project ($20/project/mo), FOSSA CLI required for scanning.
Frequently asked questions
How much does FOSSA cost?
FOSSA starts at $0/mo (Free); it has 3 published plans. Verified 2026-06-18.
Is FOSSA cheaper billed annually?
Yes. FOSSA publishes a 10% discount for paying annually (on the Business plan). Verified 2026-06-18.
Does FOSSA support HIPAA?
FOSSA does not state HIPAA support. SOC 2: Yes. GDPR: —.
Does FOSSA have a free plan?
FOSSA free tier: Yes.