Software Composition Analysis (SCA) is a set of tools that provides users visibility into their open source inventory. SCA tools generate an inventory report of all open source components in the products. The more popular an open source component is, the greater the value to hackers of exploiting a vulnerability found in it. Once all the open source components have been identified, SCA tools provide information on each component. Basic information includes open source license and whether there is a security vulnerability associated with that component. Leading tools are able to automate the entire process of open source selection, approval and tracking, saving developers precious time, and increasing their accuracy.