Open source components now make up a majority of all applications. These packages speed up software development agility but are not without their risks. Addressing vulnerabilities and license compliance with DevSecOps is a scalable way to improve the posture of your applications. In this session, we’ll walk through some of the benefits, pitfalls and best practices for using open source packages in your cloud native applications, as well as how to embed software composition analysis practices and tools into your development process.