https://techcrunch.com/2018/10/17/whitesource-nabs-35m-to-track-open-source-code-for-security-vulnerabilities/

Open source software — a $14 billion market — has become a cornerstone for building apps and other IT services, with some 97 percent of developers today using using open source components of one form or another in their work. That popularity, however, belies a critical challenge: some of the most ubiquitous open source packages around are rife with vulnerabilities, so using them increases the risk of a security breach.

Rather than (unrealistically) expecting organizations to stop using open source components, there is a new wave of startups that are emerging to help them tackle this problem head on, by tracking open source components in their code, identifying when there are vulnerabilities, and providing routes to fix them. And today, one of the pioneers in the space, Israel-based WhiteSource, is announcing that it has raised $35 million to expand the scope of its work — by hiring more engineers, doubling down on its platform and coming to more geographies — it currently has offices in New York, Boston and Tel Aviv — to expand beyond the 500 large enterprises that use its tools today (including 23 percent of Fortune 100 companies).