Research   |   Jun 01, 2022

Hidden Dependencies Lurking in the Software Dependency Network

Part 1 in a blog series that will explore the software dependency...

Research   |   May 19, 2022

Phylum's Monthly Malware Report: May 2022 - Precarious Payloads

To combat software supply chain attacks Phylum has been purpose-built...

Research   |   Apr 19, 2022

Phylum’s Monthly Malware Report: April 2022 - Malware Magnified

In 30 days Phylum has processed a total of 647,928 packages across...

Technical Tips   |   Mar 22, 2022

Reduce Friction between Developers & AppSec Teams

Successful organizations will make the shift to a developer first...

Research   |   Mar 15, 2022

Phylum’s Monthly Malware Report: March 2022 – Unknown Unknowns

Phylum was purpose built to analyze the risk of all package releases...

Technical Tips   |   Mar 10, 2022

Securing the Innovation Pipeline – 5 Key Considerations on Software Supply Chain Risk

Open-source software growth will continue to outpace proprietary...

Technical Tips   |   Mar 08, 2022

Managing Software Supply Chain Security Risks

Software supply chain incidents have increased by over 400% last...

Technical Tips   |   Dec 03, 2021

Using Entropy to Identify Obfuscated Malicious Code

To avoid detection, malicious authors will deliberately obscure the...

Research   |   Nov 16, 2021

Recent NPM Malware

NPM, JavaScript’s most popular package manager has seen a rash of...

Industry Insights   |   Nov 10, 2021

SCA Is Dead

SCA is dead. SCA does not provide proactive discovery and analysis....