The percentage of Open Source Software (OSS) that commercial software solutions are composed of is growing rapidly. It is not uncommon for Linux and other OSS components to represent the lion share of the software running on an embedded device. In recent years a lot of attention and effort has gone into developing OSS license compliance best practices. Another area given less attention yet continues to grow in importance is software export compliance. Although different governments have different regulations for software, what's universal is that software export compliance centers on the use of encryption software. It is often difficult to answer questions about the existence or use of encryption software for OSS that a developer uses (but did not write). We discuss best practices used to identify encryption in software, and open source tools that can assist with the task.