By Ron Miller. This article originally appeared in TechCrunch on February 23, 2017.
FOSSA wants to help developers manage the tricky terrain of open source license management, and today it announced a $2.2 million seed round. The company also announced that its license management product by the same name was available in open Beta.
Let’s start with the funding, which was led by Bain Capital Ventures along with an all-star list of participants including Salesforce Chairman and CEO Marc Benioff, former YouTube CTO/co-founder Steve Chen, former Skype CTO/co-founder Jaan Tallinn, Cloudera CTO/co-founder Amr Awadallah and Tinder CMO/co-founder Justin Mateen.
It seems that these folks recognize that this company is attempting to solve a serious problem around open source license management. FOSSA’s 22-year old founder, Kevin Wang, says today’s programs tend to be made up of a series of open source and third-party components, each with its own unique attribution requirements. Trying to keep up with this has been a daunting task for developers, and there has been a dearth of solutions. In fact, most people use a spreadsheet to track licensing requirements manually, Wang explained.
“It’s 2017 and we don’t know what we are shipping in production. Developers don’t have control of their code,” he said.
His product is supposed to solve that problem by analyzing the code in an entirely automated fashion, finding the license requirements, and offering fixes when a problem is found (integrating the recommendations into trackers like Jira or even communications tools like Slack). It includes proper legal language (written by open source lawyers, according to Wang) and it also automates all disclosures and attributions.
Salil Deshpande, who is managing director at lead investor Bain Capital Ventures says this was the only enterprise-grade solution of its kind he has seen. “Modern development trends are adding profound speed and risk to software development … automated license management is no longer just nice to have, it’s dangerous to not have it,” he said in a statement.
That’s because there are legal implications for failing to provide the proper attribution in the code. While Wang wouldn’t say his solution was fool-proof, he said it gets development teams closer to full compliance than trying to do it manually, a nearly impossible task for a modern application with hundreds of plug-ins and libraries. “At the end of the day the responsibility lies with the customer, but we are offering a way to get as compliant as possible with the least effort,” Wang said.
The company launched in 2014, and has fewer than 10 employees today. Wang plans to use the seed money to expand engineering, sales and go-to market efforts.