Source Auditor provides specialized expertise, a well developed analysis methodology, and a proprietary open source search engine, which work together to provide you with a fast, comprehensive, and accurate open source audit.
 
Some open source audit tools only scan for copyrights and licenses, but often, open source is downloaded without the copyrights, and these tools would miss identifying such downloads of open source.  The Source Auditor search engine, on the other hand, compares your source code, line by line, against the actual code fingerprints of over 500,000 open source packages.  This database is continuously updated as new versions and new packages become available on the internet. 
 
Unlike other such tools which include large databases of open source packages, the Search Auditor open source engine is also fully aware of the genealogy of open source packages, and can pinpoint the exact origin of specific open source which may be available in dozens of open source packages.  Since the exact origin can drive the choice of associated license obligations, this is a key factor in creating a comprehensive and accurate audit. 
 
The Source Auditor search engine can also identify open source when only the binaries have been downloaded and no open source source code is present, further increasing the comprehensiveness of the audit.
 
Our technical analysis also scans the binaries that are distributed and deployed to customers, thereby automatically identifying the open source that is deployed.  Since the open source obligations only apply when the open source software is distributed, this information is vital to accurately identifying your true open source license obligations.
 
Finally, the Source Auditor software identifies any of your proprietary software which is linked through include files or static or dynamic linking to open source which is licensed under a viral or copyleft license.  This accurately pinpoints the viral contamination risk to your proprietary software.
 
Source Auditor can provide an audit either remotely or on your site premises, depending on your preferences and the typical audit duration is 2 weeks.   Source Auditor will charge a flat fee  of $12,000 for an open source audit regardless of the size of your code base.  Source Auditor will also charge travel costs if travel to your site outside the San Francisco Bay Area is required and approved.
 
After the analysis, Source Auditor will provide an inventory of open source identified, an inventory of license obligations, and a recommendation of changes or open source packages to replace.  For packages that need to be replaced, we will also provide a list of alternative open source packages with more commercially friendly licenses if those are available. If desired, Source Auditor can also recommend open source policies and processes to be put into place for future management of open source downloads.
 
All of our audits are guaranteed, as we do not bill until after you are completely satisfied with the audit results. 
 
Contact korak@sourceauditor.com to decide if an audit from Source Auditor makes sense for you