Protect against malicious attacks and unintended consequences
Protect Developer Keys & Secrets
Pre-install open-source packages in an environment that restricts access to the network, filesystem, and environment variables
With Phylum Birdcage
A package is installed that ships SSH keys to a service listening on :9090
The sandbox prevents the malicious package from reaching out to the service and protects the SSH keys
The Phylum Birdcage
An open-source, freely available solution to sandbox package installations and protect developers
Birdcage Bug Bounty
Attack the developer during package install and steal their secret key
Malware | Mar 29, 2023
Phylum Discovers NPM Package mathjs-min Contains Credential Stealer
Phylum identifies software supply chain attackers subtly modifying a...
Malware | Mar 22, 2023
Malicious Actors Use Unicode Support in Python to Evade Detection
Phylum uncovers a threat actor taking advantage of how the Python in...
Malware | Feb 28, 2023
A PyPI typosquatting campaign post-mortem
Phylum performs a thorough breakdown of a typosquat campaign on PyPI...