Third-party open source management

An organization should set up its own internal database of open source and third-party software, together with selection criteria. The database keeps a record of the open source or in-house developed components adopted in projects. It provides a good reference when similar projects select a framework, such as the web security framework we discussed earlier. If you are looking for a searchable database of open source components, try Open Hub, where you can search open source projects and find what you need for the project: https://www.openhub.net/. Furthermore, the open source selection criteria help to reduce legal and quality risks.

A typical criteria checklist is listed in the following table:

Selection criteria

Example and ...
