Phylum Insights and Resources

Achieve Policy Automation in Open-Source Software

Phylum provides tools to proactively manage policy and allows organizations to create custom options to moderate issues stemming from open-source packages.

Phylum Research Team Sep 22, 2022 7 min read

Phylum Blocks Software Supply Chain Security Attacks

Phylum identifies malicious or risky open-source packages before they enter the software supply chain.

SCA or public databases

82%

of Phylum’s findings are not found by
SCA or reported to public databases

Other curation tools

70%

of Phylum’s findings are not found by
other curation tools

Other software supply chain companies

60%

of Phylum’s findings are not found by
other software supply chain companies

Loading WASM Extensions

Phylum extensions can load Typescript and run Web Assembly. Enabling the logic of extensions to be built in languages that users are familiar with....

Phylum Research Team Sep 9, 2022 6 min read

The Unacknowledged Risk of Authors

One of the largest (and most oft ignored) attack surfaces across the software supply chain is also one of the most obvious: package maintainers. While...

Phylum Research Team Aug 25, 2022 3 min read

Build Your Own Software Supply Chain Extensions

Phylum has added support for Software Supply Chain Extensions. Adding another layer of automation and customizability for all users....

Phylum Research Team Aug 24, 2022 4 min read

Reduce Friction between Developers & AppSec Teams

Successful organizations will make the shift to a developer-first approach to application security and find ways to increase collaboration with development and security personnel....

Phylum Research Team Mar 22, 2022 1 min read

Phylum Insights and Resources

Phylum Blocks Software Supply Chain Security Attacks

Phylum identifies malicious or risky open-source packages before they enter the software supply chain.

Subscribe to our insights