Securing Open Source Dependencies in the Public Cloud

A little while back (before we had this community), I wrote a blog and did a Lightboard presentation on Securing Open Source Dependencies in the Public Cloud.
https://ubuntu.com/blog/securing-open-source-software-dependencies-in-the-public-cloud

The Lightboard presentation is here:
https://www.youtube.com/watch?v=nnvsletLWNk

I hope that this starts some discussion on here. What steps are you currently taking to secure your open source dependencies? What tools have you found work well with Ubuntu on the public clouds?