Widespread in contemporary enterprises, open source software (OSS) facilitates swift solution development by incorporating pre-built components crafted and managed by external developers. Although the utilization of OSS undeniably yields advantages, the detection of security vulnerabilities within these components can result in severe consequences. The expanding scale and intricacy of the OSS ecosystem pose specific challenges: How can one ensure the reliability of the OSS employed for business operations? How can security risks be mitigated in a DevOps environment that prioritizes speed? This presentation will delve into insights gained from utilizing OSS software at the heart of organizational processes and examine recommended practices for navigating these challenges.