Partnership with SCANOSS
ISIT
SCANOSS and ISIT Partner to Strengthen Open Source Compliance in French-Speaking Embedded Markets
Toulouse, France : SCANOSS is partnering with ISIT, a specialist in real-time embedded and safety-critical systems, to help organizations across French-speaking Europe gain greater visibility and control over their use of open source software.
From automotive and medical devices to industrial and IoT systems, ISIT has built a solid reputation for combining tools, consulting, and training to support safety, security, and software quality. Their portfolio covers code quality, cybersecurity, fieldbus and industrial network solutions, as well as compliance services for complex and regulated environments.
ISIT already provides training and advisory services on key standards and regulations for embedded and safety-critical development, including courses focused on the Cyber Resilience Act (CRA). By pairing this regulatory expertise with SCANOSS datasets, ISIT can support customers looking to move from one-off compliance efforts to continuous governance embedded directly into their development processes.
“A typical use case is an embedded device with years of accumulated code, multiple suppliers, and limited documentation. With SCANOSS, ISIT can help customers make software transparency practical in real-world environments.” — Charles Facey, Partner Sales Manager at SCANOSS.
ISIT will support French-speaking customers in France, Belgium, Luxembourg, and Switzerland with local-language services, first-line support, and training. SCANOSS will provide its SCANOSS KB and datasets as the foundational open source risk-intelligence layer, ready to integrate into existing CI/CD pipelines and toolchains.
“At ISIT, we see our partnership with SCAFINDER as a key enabler for stronger software transparency in embedded and regulated industries. SCAFINDER provides both development teams and governance functions with clear, actionable visibility into open-source usage—identifying undeclared components, mapping dependencies, and accurately assessing license and vulnerability exposure. Integrated into CI/CD pipelines, it enables continuous, data-driven software governance that scales with system complexity and regulatory requirements.” — Frédéric Maraval, ISIT Product Manager.
Together, SCANOSS and ISIT aim to offer embedded and industrial companies a realistic path toward stronger software transparency—replacing ad-hoc audits and static compliance documents with repeatable processes and dynamic inventories that keep pace with modern development and evolving regulations.
About SCANOSS
SCANOSS provides deep visibility into the software supply chain,powered by the SCANOSS KB, to help organizations detect undeclared open source. Designed to integrate seamlessly into developer and DevSecOps workflows, SCANOSS makes software transparency an everyday engineering practice.
About ISIT
ISIT is a French company specializing in real-time and embedded systems, software quality, and cybersecurity for safety- and mission-critical applications. ISIT combines tools, consulting, and training to help engineering teams design, develop, and certify secure and reliable systems.
From automotive and medical devices to industrial and IoT systems, ISIT has built a solid reputation for combining tools, consulting, and training to support safety, security, and software quality. Their portfolio covers code quality, cybersecurity, fieldbus and industrial network solutions, as well as compliance services for complex and regulated environments.
ISIT already provides training and advisory services on key standards and regulations for embedded and safety-critical development, including courses focused on the Cyber Resilience Act (CRA). By pairing this regulatory expertise with SCANOSS datasets, ISIT can support customers looking to move from one-off compliance efforts to continuous governance embedded directly into their development processes.
“A typical use case is an embedded device with years of accumulated code, multiple suppliers, and limited documentation. With SCANOSS, ISIT can help customers make software transparency practical in real-world environments.” — Charles Facey, Partner Sales Manager at SCANOSS.
ISIT will support French-speaking customers in France, Belgium, Luxembourg, and Switzerland with local-language services, first-line support, and training. SCANOSS will provide its SCANOSS KB and datasets as the foundational open source risk-intelligence layer, ready to integrate into existing CI/CD pipelines and toolchains.
“At ISIT, we see our partnership with SCAFINDER as a key enabler for stronger software transparency in embedded and regulated industries. SCAFINDER provides both development teams and governance functions with clear, actionable visibility into open-source usage—identifying undeclared components, mapping dependencies, and accurately assessing license and vulnerability exposure. Integrated into CI/CD pipelines, it enables continuous, data-driven software governance that scales with system complexity and regulatory requirements.” — Frédéric Maraval, ISIT Product Manager.
Together, SCANOSS and ISIT aim to offer embedded and industrial companies a realistic path toward stronger software transparency—replacing ad-hoc audits and static compliance documents with repeatable processes and dynamic inventories that keep pace with modern development and evolving regulations.
About SCANOSS
SCANOSS provides deep visibility into the software supply chain,powered by the SCANOSS KB, to help organizations detect undeclared open source. Designed to integrate seamlessly into developer and DevSecOps workflows, SCANOSS makes software transparency an everyday engineering practice.
About ISIT
ISIT is a French company specializing in real-time and embedded systems, software quality, and cybersecurity for safety- and mission-critical applications. ISIT combines tools, consulting, and training to help engineering teams design, develop, and certify secure and reliable systems.
