A first-to-market open source threat intelligence API that incorporates the 150,878 harmful packages found by Checkmarx Labs in 2022. Continuously updated, it reveals hostile tactics, techniques, and procedures (TTPs).
Supply Chain Threat Intelligence™, which provides detailed threat intelligence on hundreds of thousands of malicious packages, contributor reputation, malicious behaviour, and more, is now immediately available, according to Checkmarx, the world leader in developer-centric application security solutions.
Supply Chain Threat Intelligence, based on exclusive research by Checkmarx Labs, provides:
- Identification of harmful packages by attack type, such as dependency confusion, typosquatting, chainjacking, and more.
- Analysis of contributor reputation, spotting unusual activity in open source packages.
- Information on malicious package behaviour, including static and dynamic analysis of the code to understand how it functions.
- A data lake with over a million packages scanned each month that enables continued research of packages long after they have been purged from package managers.
Delivered as an application programming interface (API), Checkmarx Supply Chain Threat Intelligence can be integrated into a variety of dashboards and development environments. After obtaining an access token from Checkmarx, users submit a package name and version and receive threat intelligence on that package.
The API enables security experts and developers to:
- Identify potential dangers in open source software packages quickly and simply.
- Gain insight into the thought process of threat actors.
- Get information on many packages at once using bulk queries.
- Keep up with cyberthreats through real-time updates and notifications on new and developing threats.
- Acquire important context and insights on identified threats to guide security decisions.
“In 2022, Checkmarx researchers exposed some of the most prolific open source attack groups, including RED-LILI and Lofygang,” said Checkmarx CEO Emmanuel Benzaquen. “Given the dramatic proliferation of malicious open source packages from organized attack groups, we’re pleased to empower security stakeholders by revealing adversarial motives, tactics, techniques and procedures in a constantly updated intelligence feed.”