
Supply chain security platform for SCA, SBOM generation, and automated dependency fixes.

EdgeBit is a software supply chain security company that has been acquired by FOSSA. The platform focuses on continuous software composition analysis (SCA), vulnerability management, and automated dependency remediation for software development teams.

Core platform capabilities include:

- Continuous SCA and SBOM (Software Bill of Materials) generation, cataloging open source usage and mapping vulnerabilities to running production workloads
- Dependency Autofix, which uses static analysis, code reachability, and AI to automatically generate and merge safe dependency updates
- Build and runtime reachability analysis to prioritize vulnerabilities based on whether vulnerable code paths are actually executed
- Integration with CI/CD pipelines (GitHub Actions, GitLab, Jenkins, Buildkite) and container orchestration platforms (Kubernetes, ECS/AWS)

Solutions offered address vulnerability management, software inventory and SBOM generation, software supply chain regulation compliance (including US and EU regulations), and open source dependency governance. EdgeBit integrates with tools such as Docker, Kubernetes, AWS, Azure, Google Cloud, Jira, and Vanta.

The platform is built on open source technologies including eBPF, SPDX, sigstore, in-toto, and OCI/Docker standards. The company also maintains open source projects including the EdgeBit Linux Agent and Enclaver, a toolkit for software enclave adoption.

The platform is SOC 2 certified. Target users include engineering and security teams seeking to reduce vulnerability remediation toil and meet compliance SLAs related to software supply chain security.