Veracode is seeking to improve software supply chain security amid increasingly advanced and costly intrusions with its acquisition of Phylum's malicious package analysis, detection, and mitigation technology, reports SiliconAngle.
Integrating Phylum's technology would enable Veracode's Software Composition Analysis platform to accelerate identification of and response to malicious packages in open-source libraries while giving customers improved visibility into open-source security risks. The deal, whose financial terms were not disclosed, also brings to Veracode Phylum researchers who have discovered almost 500,000 malicious packages. Veracode is poised to introduce the updated SCA product to the public later this year. "Uniting Veracode's platform and Phylum's malicious package detection and mitigation technology creates exceptional value for our customers worldwide. By combining our advanced research capabilities with Veracode's industry-leading platform, we're expanding the fight against software supply chain threats," said Phylum co-founder and CEO Aaron Bray.