Challenge
- No scalable way to determine liability of open source in use
- Retrospective manual security practices
- Manual declaration of component usage to security team by developers
- No visibility into open source libraries used within a project
- Could not monitor and track open source within production