OpenLogic

Application Audit Service

Companies in a variety of industries are increasingly providing software, or products containing software, to their customers and partners. Many of these companies use open source software in the development of their own software applications, but open source components are often embedded into applications without approval by legal and compliance staff. There are thousands of open source software packages and hundreds of open source licenses available today, making it more difficult than ever to keep track of embedded components and the associated licenses. Without a comprehensive understanding of the open source packages and licenses embedded in their applications, companies that distribute software or products containing software may be at risk of violating the legal obligations of one or more licenses.

OpenLogic's Application Audit service provides the license information companies need to understand and reduce risks related to the use of open source in products they distribute. The Application Audit service analyzes internally-developed software for open source packages and identifies the bill of materials and bill of licenses for open source components. Once an application has been scanned, OpenLogic aggregates the scan information and creates comprehensive reports that give companies the information they need to make informed decisions about distribution.

What's Included

OpenLogic's Application Audit service gives companies a fast, easy way to audit software applications for embedded open source packages and licenses. The Application Audit service includes:

Application scan, which can be performed on a one-time or recurring (subscription) basis

Bill of materials, which lists the embedded open source packages and associated licenses

Bill of licenses, which summarizes the licenses and license references included with each open source package

Five seats for OLEX Enterprise Edition

Limited indemnification and warranty

How It Works

OpenLogic's Application Audit service is available on a one-time or recurring (subscription) basis. Once your Application Audit request has been received, a representative from the OpenLogic services team interviews the appropriate members of your engineering team to gain an understanding of key issues relating to the application to be analyzed. This interview covers topics such as how open source packages are used in development, whether or not source code has been modified, the method of linking used in development, and whether and how the application is to be distributed. Next, OpenLogic's services team uses several scanning options and tools to scan the binaries and source code of your application. Once the scan has been completed, your Application Audit reports are created and delivered.

Multiple Scanning Tools for Increased Accuracy

Although there are many different scanning tools available (both open source and commercial), no single tool provides the most accurate audit in every situation. Each tool overlooks certain instances of open source usage and also identifies false positives. OpenLogic's services team employs multiple tools, based on the specifics of your application, to provide the best results.

Ensure Compliance with Open Source Licenses

License proliferation in recent years has resulted in hundreds of different open source licenses, including many similar licenses with minor modifications as well as non-standard "vanity" licenses. In addition, open source packages often include bundled components that have different licenses with conflicting obligations. For companies that embed software in distributed products, it can be difficult to comply with the varying terms and conditions of these licenses. These challenges are multiplied when an organization doesn't know for sure which open source packages and licenses are included in its products. The Application Audit service helps companies navigate this complex landscape and, combined with OpenLogic's License Obligation Analysis service, ensure compliance with open source licenses.

Get a Quote

Learn more about how OpenLogic can help you audit and analyze embedded open source components. Contact us today for a customized quote on the Application Audit service.