Frequently Asked Questions

About our services

We have an unusual request - do you do [SERVICE]?

We might! If it has to do with managing open source, we can probably help you. We have experts with expertise in security, technology, and community. And if you are already a subscriber to our Virtual OSPO service, it won't cost you any extra. Just contact us for a discussion.

Do you do short-term services, like for M&A?

Yes, we perform comprehensive services for M&A teams. Software composition analysis, policy review, community goodwill valuation measures, we have been there. Our unique structure also allows us to maintain attorney-client privilege while we do so.

We already have Black Duck, FOSSA, Sonatype, and other tools. What do you do that is different?

All those tools are great - we use them too! But we don't just "run a report" and give you the output. We have the expertise to help you weed out false positives, identify helpful mitigation strategies, and assess community impact from your decisions.

Our agreements

Why do we need to sign an engagement letter with a law firm? Can't we just hire OSPOCO?

OSPOCO provides an expert consulting service under the direction of legal counsel. We do it this way to make sure that any discussions having to do with M&A activity, license noncompliance, and security vulnerabilities are all covered under privilege.

Becoming an OSPOCO associate

I'm a member of the open source community. Can I become an OSPOCO associate?

Yes! Contact us and make sure you mention your interest in becoming an associate.