Checkmarx launches Supply Chain Threat Intelligence
The software supply chain is increasingly being weaponized by attackers seeking to compromise businesses and steal information.
Application security vendor Checkmarx is looking to combat this with the launch of a new product that delivers detailed threat intelligence on hundreds of thousands of malicious packages, along with contributor reputation, malicious behavior analysis and more.
Supply Chain Threat Intelligence offers a number of features. It identifies malicious packages by attack type, such as dependency confusion, typosquatting and chainjacking. It analyzes contributor reputation by identifying anomalous activity within open source packages. It provides intelligence on the malicious behavior of packages, using static and dynamic analysis to understand how the code actually runs. And it maintains a data lake, fed by more than one million package scans per month, that allows packages to be analyzed long after they have been deleted from package managers.
"In 2022, Checkmarx researchers exposed some of the most prolific open source attack groups, including RED-LILI and Lofygang," says Checkmarx CEO Emmanuel Benzaquen. "Given the dramatic proliferation of malicious open source packages from organized attack groups, we’re pleased to empower security stakeholders by revealing adversarial motives, tactics, techniques and procedures in a constantly updated intelligence feed."
The product is delivered as an API that users can integrate into dashboards and development environments. Users obtain a unique token from Checkmarx, send a package name and version, and receive threat intelligence on that package.
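To make the two preceding points concrete, here is an added example (written for this article, not Checkmarx code) of what a consumer of such a feed looks like in a build pipeline: a Python pre-check that parses an npm lockfile, applies two of the local heuristics behind the attack types listed above (typosquatting, via edit distance against a list of popular package names, and dependency confusion, via an internal scope that also resolves on the public registry), and then consults a pluggable per-package lookup keyed by name and version, as described for the API. The sample lockfile, the popular-name list, the registry contents, the environment variable names, the URL scheme and the response fields (`malicious`, `attack_type`) are all constructed assumptions for illustration, not Checkmarx's real API.

```python
"""Dependency triage: local typosquat / dependency-confusion heuristics plus a
pluggable threat-intel lookup keyed by (name, version).

Added example, not Checkmarx code. The intel API shape is hypothetical.
"""
import json
import os
from typing import Callable, Dict, List, Optional
from urllib import request
from urllib.parse import quote

# Constructed sample: a trimmed npm package-lock.json (lockfileVersion 2/3 "packages" map).
SAMPLE_LOCKFILE = json.dumps({
    "name": "demo-app",
    "lockfileVersion": 3,
    "packages": {
        "": {"name": "demo-app", "version": "1.0.0"},
        "node_modules/lodash": {"version": "4.17.21"},
        "node_modules/lodahs": {"version": "1.0.2"},
        "node_modules/@acme/auth-core": {"version": "2.3.0"},
        "node_modules/express": {"version": "4.18.2"},
    },
})

# Constructed: names a typosquat would imitate. A real scanner would derive this
# from registry download statistics rather than a hard-coded set.
POPULAR = {"lodash", "express", "react", "axios", "chalk", "commander"}
# Constructed: scopes that should only exist in this organisation's private registry.
INTERNAL_SCOPES = {"@acme"}
# Constructed: names the public registry also serves. Here we pretend an attacker
# has published the internal name publicly.
PUBLIC_REGISTRY_NAMES = {"lodash", "lodahs", "express", "@acme/auth-core"}


def parse_lockfile(text: str) -> Dict[str, str]:
    """Return {package_name: version} from a lockfileVersion 2/3 package-lock."""
    deps: Dict[str, str] = {}
    for path, meta in json.loads(text).get("packages", {}).items():
        if not path:  # the empty key is the root project, not a dependency
            continue
        # The text after the last "node_modules/" is the package name; this keeps
        # scoped names (@scope/pkg) intact and handles nested node_modules paths.
        deps[path.rsplit("node_modules/", 1)[-1]] = meta.get("version", "")
    return deps


def damerau_levenshtein(a: str, b: str) -> int:
    """Optimal string alignment distance: insert, delete, substitute, or swap adjacent chars."""
    d = [[0] * (len(b) + 1) for _ in range(len(a) + 1)]
    for i in range(len(a) + 1):
        d[i][0] = i
    for j in range(len(b) + 1):
        d[0][j] = j
    for i in range(1, len(a) + 1):
        for j in range(1, len(b) + 1):
            cost = 0 if a[i - 1] == b[j - 1] else 1
            d[i][j] = min(d[i - 1][j] + 1, d[i][j - 1] + 1, d[i - 1][j - 1] + cost)
            if i > 1 and j > 1 and a[i - 1] == b[j - 2] and a[i - 2] == b[j - 1]:
                d[i][j] = min(d[i][j], d[i - 2][j - 2] + 1)  # transposition
    return d[len(a)][len(b)]


def typosquat_candidates(name: str, popular=POPULAR, max_dist: int = 1) -> List[str]:
    """Popular names within max_dist edits of `name`; an exact popular name is not a squat."""
    if name in popular:
        return []
    return sorted(p for p in popular if damerau_levenshtein(name, p) <= max_dist)


def dependency_confusion(name: str, internal=INTERNAL_SCOPES, public=PUBLIC_REGISTRY_NAMES) -> bool:
    """An internal-scoped name that also resolves publicly can be hijacked whenever the
    package manager falls back to, or prefers, the public registry."""
    scope = name.split("/", 1)[0] if name.startswith("@") else ""
    return scope in internal and name in public


Verdict = Dict[str, object]
Lookup = Callable[[str, str], Optional[Verdict]]


def http_lookup(name: str, version: str) -> Optional[Verdict]:
    """Hypothetical feed client: GET <base>/<name>/<version> with a bearer token taken
    from the environment. URL layout and response fields are assumptions."""
    base = os.environ["INTEL_API_BASE"]
    token = os.environ["INTEL_API_TOKEN"]  # never hard-code the token in the repo
    req = request.Request(f"{base}/{quote(name, safe='')}/{version}",
                          headers={"Authorization": f"Bearer {token}"})
    with request.urlopen(req, timeout=10) as resp:
        return json.load(resp)


def triage(lock_text: str, lookup: Lookup) -> Dict[str, List[str]]:
    """Return {package: [findings]} for every dependency with at least one finding."""
    findings: Dict[str, List[str]] = {}
    for name, version in parse_lockfile(lock_text).items():
        notes = [f"typosquat? 1 edit from popular package '{p}'" for p in typosquat_candidates(name)]
        if dependency_confusion(name):
            notes.append("dependency confusion: internal scope also resolves on public registry")
        intel = lookup(name, version)
        if intel and intel.get("malicious"):
            notes.append(f"feed: malicious ({intel.get('attack_type', 'unknown')})")
        if notes:
            findings[name] = notes
    return findings


def stub_lookup(name: str, version: str) -> Optional[Verdict]:
    """Offline stand-in for the feed with constructed verdicts, so the example runs without network."""
    return {"malicious": True, "attack_type": "typosquatting"} if name == "lodahs" else {"malicious": False}


if __name__ == "__main__":
    result = triage(SAMPLE_LOCKFILE, stub_lookup)
    for pkg, notes in result.items():
        print(pkg, *notes, sep="\n  ")
    raise SystemExit(1 if result else 0)  # non-zero exit fails the CI job on any finding
```

The local heuristics are deliberately cheap and run first, so a build still gets a verdict on an obvious `lodahs` even if the feed is unreachable; swapping `stub_lookup` for `http_lookup` is the only change needed to put a real token-authenticated feed behind the same gate.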
"Our Checkmarx Labs supply chain security team discovered 150,878 unique malicious packages in 2022 alone," says Erez Yalon, VP of security research at Checkmarx. "We're seeing attackers continue to strike and publish malicious packages even after they’ve been reported. They simply create new sock-puppet accounts and nothing stops them from doing so. Their relentless malicious behavior and the increasing velocity of new malicious package releases have led us to share our threat intelligence to help keep the open source ecosystem safe."
Find out more and request a demo on the Checkmarx site.