If companies don't truly know the elements in their products, then they are set up for trouble. According to Brian Fox, Co-Founder, SVP and CTO of Sonatype, without this knowledge they won’t know how to address issues or if bad actors have infiltrated their products with disruptive parts. Brian advises that all aspects in the supply chain for software must be identified and secured just like any physical product.