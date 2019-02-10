After outlining the risks, Crawford and Odence detailed how software composition analysis (SCA) can help developers take a proactive stance before incorporating open source risk into their software. Specifically, SCA can help you to:

Identify and clarify licensing issues that may be connected to your use of open source.

Discover and track open source security issues, including distinction between software versions. (For example, v1.1 may have a known vulnerability patched in v1.2 of the same software.)

Integrate open source risk management into your overall secure software development life cycle, essential to modern DevOps environments.

Of course, those are only some of the highlights of the 60-minute webinar. I encourage you to watch it in full at your convenience. You’ll learn more about the threats open source can pose and the ways that businesses can better evaluate and mitigate them. There’s a way to manage open source risk that fits with the central role open source plays in the fast-moving world of software innovation.