FossID Expands SCA Capabilities with New “Custom Volumes” for Proprietary Software Detection

STOCKHOLM, SE – 14/11/2025 – (SeaPRwire) – In a move that redefines the scope of Software Composition Analysis (SCA), FossID has unveiled Custom Volumes, a major enhancement to its SCA toolkit that enables organizations to build and manage their own knowledge bases of proprietary, commercial, or third-party code. This new capability allows enterprises to scan and analyze software assets beyond the open-source domain, offering a unified view of all code components that make up modern software products.

Traditionally, SCA tools have focused primarily on identifying open-source components and ensuring license compliance. FossID’s Custom Volumes extends this boundary by giving users the ability to scan any source code they define—be it internal, proprietary, or vendor-supplied. Through the FossID Workbench or FossID Toolbox, developers can now configure, run, and automate scans that leverage FossID’s patented signature-matching engine to locate even partial code matches across diverse repositories.

Addressing Hidden Risks in Proprietary and Commercial Software

The introduction of Custom Volumes builds on FossID’s previous Component Intake feature, which could recognize specific proprietary components. The new enhancement goes a step further, enabling users to train FossID’s AI-driven scanning engine to detect snippets and partial matches, which strengthens software integrity verification and IP management processes.

This innovation arrives at a crucial time when many technology enterprises are accelerating open-source adoption while facing increasing concerns over intellectual property protection. “For us, license compliance has become secondary—protecting our IP is our top priority,” said a FossID customer in the global semiconductor industry.

With Custom Volumes, companies can now proactively prevent unintentional IP leakage when contributing to open-source projects. By scanning proposed contributions before release, FossID’s snippet detection engine helps organizations ensure that no internal code is inadvertently exposed, preserving confidentiality while promoting responsible open-source participation.

Aligning with Global Software Bill of Materials (SBOM) Requirements

The new feature also strengthens compliance with emerging global standards such as the EU Cyber Resilience Act (CRA), which mandates comprehensive Software Bill of Materials (SBOM) documentation—including details of commercial software components. FossID’s SCA platform already supports the creation of SBOMs and open-source license notices, and with Custom Volumes, users can now identify non-open-source components for inclusion in these reports—closing a critical compliance gap.

“Software Composition Analysis has long centered on open-source code,” said Daniel Forsgren, CTO at FossID. “Custom Volumes expands that perspective, allowing our customers to apply the same accuracy and confidentiality of FossID scanning to any dataset. It’s a leap forward for software supply chain transparency, IP protection, and long-term product resilience.”

Availability and Security

Custom Volumes is now available as an add-on to the FossID SCA suite. Like all FossID offerings, it maintains strict privacy safeguards—ensuring that no source code ever leaves the customer’s environment during scans.

About FossID

FossID provides advanced Software Composition Analysis (SCA) tools and auditing services to help organizations safeguard their software supply chains. Its technology offers deep insights into open-source, third-party, and proprietary components—enabling compliance, IP protection, and security in an increasingly complex development landscape. FossID serves clients across industries including automotive, aerospace, telecommunications, healthcare, and embedded systems.