Phylum Launches a Threat Feed of Open-Source Malware, Introduces Phylum App for Sumo Logic

Organizations can now see Phylum’s automated software supply chain attack threat data in Sumo Logic and correlate findings for informed remediation

EVERGREEN, Colo., Dec. 7, 2023 /PRNewswire/ — Phylum, The Software Supply Chain Security Company, today announced the availability of the Phylum Threat Feed and its partnership with Sumo Logic. With the Phylum App for Sumo Logic, users can know if their organization has been impacted by software supply chain risks, including:

  • Zero-day attacks
  • Credential stealers
  • Typosquatting
  • Malicious authors
  • Nation-State attacks

Phylum specializes in identifying and mitigating software supply chain attacks, focusing on protecting developers against threats originating from open-source ecosystems. By meticulously monitoring and analyzing every package published in real-time across seven diverse ecosystems – npm, PyPI, RubyGems, Nuget, Crates.io, Golang, and Maven – Phylum provides an unparalleled perspective on potential security threats targeting software packages and the developers that use them.

“Just like the bad actors who use phishing emails and social engineering to gain access to networks, attackers use the open-source ecosystem to target organizations and trick unsuspecting developers into installing malware. The Phylum Threat Feed enables the detection and tracking of attacker behavior across each package registry, and with Phylum’s new Sumo Logic integration, our customers can now correlate this Threat Feed with log data collected across their entire digital attack surface, translating to timely, contextualized insights into the strategies and mindsets of threat actors,” said Drew Horn, Senior Director of Technology Alliances at Sumo Logic.

The Phylum Threat Feed provides a curated view of malicious packages that are published into the open-source ecosystem. The feed shows automated, high signal threat data that informs organizations of software supply chain attacks that have been executed as well as indicators of potential future threats. This high-fidelity data is actionable on its own, and can now be consumed in Sumo Logic to enrich other findings.

Subscribe to the Phylum Threat Feed here.

Install the Phylum App for Sumo Logic here.

About Phylum

Phylum is on a mission to secure the universe of code. Its platform automates software supply chain security to contextualize risks, block attacks and allow users to only use open-source code that they trust. The company is built by a team of career security researchers and developers with decades of experience in U.S. Intelligence Community and commercial sectors. Phylum is the winner of the Black Hat 2022 Innovation Spotlight Competition and was named a Top Infosec Innovator by Cyber Defense Magazine. Learn more at https://phylum.io, read The Phylum Research Blog, and follow us on LinkedIn,  Twitter and YouTube.

SOURCE Phylum


Go to Source