This report includes insights and recommendations intended to help organi- zations and their security, risk, legal, and development teams better understand the open source security and license risk landscape as they strive to improve their application risk management processes. (more available)