Case Study: Milliman achieves faster open source risk management with FOSSA

How Milliman Uses Automation to Reduce Open Source Risk

Milliman, the international consulting and actuarial firm behind Arius® insurance reserving software, needed a better way to manage open source risk across its development process. Before using FOSSA, the team relied on manual methods to track open source components, dependencies, licenses, and vulnerabilities, which was time-consuming and made it difficult to quickly answer customer and security questions.

With FOSSA, Milliman automated open source code scanning, license compliance, vulnerability management, and software bill of materials generation across Azure DevOps and GitHub. The result was a “night and day difference”: faster identification and resolution of vulnerabilities, comprehensive SBOM reports in just a few clicks, improved application security, stronger customer trust, and major time savings for the engineering team.

Milliman

Charles Hoffman

Principal and Director of Software Development