Abstract: A method of controlling and managing open source software (OSS) resources used by developers in their software projects is provided herein. The method includes the following steps: analyzing the software projects, to yield a proprietary projects model that represents dependencies of source code portions of the software projects upon the OSS resources; generating and updating, over time, OSS profiles for the OSS resources exhibiting technical and legal attributes; generating and updating, over time, projects profiles for the software projects, based on the model and on monitoring and learning OSS resources usage by the developers; and monitoring actual OSS resources usage and providing the developers with at least one of: reports responsive to the changes in the OSS; and guidance responsive to queries from the developers, wherein the reports and the guidance are based on the actual OSS usage, the projects model, the projects profiles, and the OSS profiles.