Strategies for open source?

It’s rare to take on a project these days that doesn’t include at least some small chunk of open source tech. it’s hard to secure those things, and I’m curious what people are doing to try and tackle that potential security gap.

What are you doing in your shop?