Open source software has become integral to modern development, with many organizations relying on it to build and enhance their products quickly and efficiently. While industry giants like Google, Facebook, and Microsoft actively contribute to the Free and Open Source Software (FOSS) ecosystem, the security risks inherent in open source components pose a significant challenge. These risks stem from known vulnerabilities that are publicly documented and exploitable, as seen in high-profile cases like Heartbleed and the Equifax breach. Although the open source community and security researchers work together to identify and fix vulnerabilities, information about those vulnerabilities is decentralized, which makes it difficult for organizations to manage them effectively. To address these challenges, companies are increasingly adopting automated Software Composition Analysis (SCA) tools to track and manage their open source usage, remediate vulnerabilities promptly, and integrate security practices into their development processes. This proactive approach, known as the "Shift Left" movement, emphasizes addressing security concerns early in the product lifecycle to harness the benefits of open source while minimizing risks.