Ensuring the safety of open-source components used by teams and sites can be effectively managed with a software composition analysis (SCA) tool like JFrog Xray, which offers vulnerability and license compliance scanning integrated into the software development lifecycle. Xray provides enterprise-wide visibility into software components, supporting fast distribution without vulnerabilities or license issues, whether on-premises, in the cloud, or in hybrid environments. To implement Xray, users must log in to their environment, set up JFrog Artifactory with their chosen repository, define security and license compliance policies, select repositories to monitor, and assign these policies to watches. Users can manually trigger scans to ensure immediate application to relevant artifacts, with results displayed in a dependency tree highlighting detected security vulnerabilities.