Lately I have been experimenting with Nexus IQ Server. This is a product from Sonatype. What I really like about this product is the overview it creates of all the external dependencies and their vulnerabilities.
Since open source is incorporated in more and more software projects, I really think this is a valuable tool to implement in your tool stack. An example output is shown. Open source is hot, and I feel that Sonatype masters this really nicely in this part of their tooling software.
This tool can really help you fix external dependency versions that have known exploits!