Securing software supply chains and making software transparent.

We're a Sweden-based company. Everything we do is about software supply chain security and transparency. We work through commercial products, open source tools, and community work.

EU-based. EU-hosted. For teams that value data privacy and transparency.

Everything we build is about giving teams visibility and control over what's in their software. We started in 2018, bootstrapped from day one, and we've stayed focused on this problem ever since.

SBOM Observer is for analysis of software transparency documents: SBOMs, VEX, compliance reporting, and vulnerability management across your portfolio.

Transparency Portal lets you distribute transparency documents to customers, partners, and regulators. Proving compliance, not just achieving it.

Dependency Firewall is our Dependency Firewall. It controls what third-party components can enter your software supply chain, blocking risky or unwanted dependencies before they land in production.

Being bootstrapped means we move at our own pace, answer to our customers, and stay focused on what actually matters. No investors chasing growth metrics. No feature bloat.

We're EU-based and EU-hosted, so your data stays in Europe. Privacy and regulation matter here.

How we work

These principles guide everything we build.

Clarity.
Software components should be transparent, not hidden. We build tools that make visibility the default, not an afterthought.
Practicality.
Compliance frameworks are real. We focus on what actually works for engineering and security teams—not theoretical exercises.
Trust.
In Europe, data stays in Europe. We're EU-based and EU-hosted, so your software transparency data never leaves the continent.
Independence.
We're bootstrapped. No venture funding means we answer to our customers, not investors chasing growth at all costs.
Focus.
We specialize in SBOM management and software transparency. We do this one thing deeply, not chase every trend.
Openness.
We believe in transparent workflows, open standards like CycloneDX and SPDX, and honest communication with our users.

Get in touch with our team

Book a Demo or contact us to discuss your setup.

Book a Demo

Built by people who've lived this problem

We started because we were frustrated. We've worked in security, compliance, and operations at enterprises large and small. We know what works and what doesn't.

Now we're focused on building products that actually solve problems instead of creating more.