Discord Contact
Phylum For Artifact Repositories and Package Managers

Phylum For Artifact Repositories and Package Managers

Phylum Insights and Resources
Vet open-source software packages and block attacks before entering an organization or developer workstation.
Mikala Vidal 3 min read

Phylum Blocks Software Supply Chain Security Attacks

Phylum identifies malicious or risky open-source packages before they enter the software supply chain.

SCA or public databases
82%

of Phylum’s findings are not found by
SCA or reported to public databases

Other curation tools
70%

of Phylum’s findings are not found by
other curation tools

Other software supply chain companies
60%

of Phylum’s findings are not found by
other software supply chain companies

Subscribe to our research

Keep up with the latest software supply chain attacks

⏲Please hold while we check our collection.

Something's gone wrong. Please try again.

Success! Check your inbox for our email.

The Great npm Garbage Patch

The Great npm Garbage Patch

Open-source spam is a growing threat. The Tea protocol and npm are taking action, but the problem persists. Our research is dedicated to combating this issue and protecting the integrity of the open-source ecosystem. See Phylum Research....
Phylum Research Team 5 min read