Discord Contact
Phylum Research Team

Phylum Research Team

Hackers, Data Scientists, and Engineers responsible for the identification and takedown of software supply chain attackers.
Phylum's Monthly Malware Report: May 2022 - Precarious Payloads

Phylum's Monthly Malware Report: May 2022 - Precarious Payloads

Phylum Research
In order to combat the massive uptick in software supply chain attacks, and proactively defend against software supply chain-borne threats from the open-source ecosystem, Phylum has been purpose-built to provide near-real-time, proactive analysis of packages as
Phylum Research Team 4 min read

Phylum Blocks Software Supply Chain Security Attacks

Phylum identifies malicious or risky open-source packages before they enter the software supply chain.

SCA or public databases
82%

of Phylum’s findings are not found by
SCA or reported to public databases

Other curation tools
70%

of Phylum’s findings are not found by
other curation tools

Other software supply chain companies
60%

of Phylum’s findings are not found by
other software supply chain companies

Phylum’s Monthly Malware Report: April 2022 - Malware Magnified

Phylum’s Monthly Malware Report: April 2022 - Malware Magnified

Phylum Research
In order to combat the massive uptick in software supply chain attacks, and proactively defend against software supply chain-borne threats from the open-source ecosystem, Phylum has been purpose-built to provide near-real-time, proactive analysis of packages as
Phylum Research Team 10 min read

Phylum Blocks Software Supply Chain Security Attacks

Phylum identifies malicious or risky open-source packages before they enter the software supply chain.

SCA or public databases
82%

of Phylum’s findings are not found by
SCA or reported to public databases

Other curation tools
70%

of Phylum’s findings are not found by
other curation tools

Other software supply chain companies
60%

of Phylum’s findings are not found by
other software supply chain companies

Reduce Friction between Developers & AppSec Teams

Reduce Friction between Developers & AppSec Teams

Phylum Insights and Resources
Successful organizations will make the shift to a developer-first approach to application security and find ways to increase collaboration with development and security personnel.
Phylum Research Team 1 min read

Phylum Blocks Software Supply Chain Security Attacks

Phylum identifies malicious or risky open-source packages before they enter the software supply chain.

SCA or public databases
82%

of Phylum’s findings are not found by
SCA or reported to public databases

Other curation tools
70%

of Phylum’s findings are not found by
other curation tools

Other software supply chain companies
60%

of Phylum’s findings are not found by
other software supply chain companies

Phylum’s Monthly Malware Report: March 2022 – Unknown Unknowns

Phylum’s Monthly Malware Report: March 2022 – Unknown Unknowns

Phylum Research
Relying on security research to manually discover open-source packages that exhibit supply chain issues is no longer enough. To truly mitigate the risk of using open-source software written by strangers on the Internet, we must analyze
Phylum Research Team 4 min read

Phylum Blocks Software Supply Chain Security Attacks

Phylum identifies malicious or risky open-source packages before they enter the software supply chain.

SCA or public databases
82%

of Phylum’s findings are not found by
SCA or reported to public databases

Other curation tools
70%

of Phylum’s findings are not found by
other curation tools

Other software supply chain companies
60%

of Phylum’s findings are not found by
other software supply chain companies

Securing the Innovation Pipeline – 5 Key Considerations on Software Supply Chain Risk

Securing the Innovation Pipeline – 5 Key Considerations on Software Supply Chain Risk

Phylum Insights and Resources
Open-source software growth will continue to outpace proprietary software and 80% of IT leaders expect to increase their use of open-source software for emerging technologies and innovation.
Phylum Research Team 2 min read

Phylum Blocks Software Supply Chain Security Attacks

Phylum identifies malicious or risky open-source packages before they enter the software supply chain.

SCA or public databases
82%

of Phylum’s findings are not found by
SCA or reported to public databases

Other curation tools
70%

of Phylum’s findings are not found by
other curation tools

Other software supply chain companies
60%

of Phylum’s findings are not found by
other software supply chain companies