One of the better additions to security in recent years is source composition analysis, which sits in the gap between static analysis and dynamic analysis.