Phylum integrates with Sumo Logic to identify software supply chain attacks
With the Phylum App for Sumo Logic, users can know if their organization has been impacted by software supply chain risks, including:
- Zero-day attacks
- Credential stealers
- Malicious authors
- Nation-state attacks
Phylum specializes in identifying and mitigating software supply chain attacks, focusing on protecting developers against threats originating from open-source ecosystems.
By meticulously monitoring and analyzing every package published in real time across seven diverse ecosystems – npm, PyPI, RubyGems, NuGet, Crates.io, Golang, and Maven – Phylum provides an unparalleled perspective on potential security threats targeting software packages and the developers that use them.
“Just like the bad actors who use phishing emails and social engineering to gain access to networks, attackers use the open-source ecosystem to target organizations and trick unsuspecting developers into installing malware. The Phylum Threat Feed enables the detection and tracking of attacker behavior across each package registry, and with Phylum’s new Sumo Logic integration, our customers can now correlate this Threat Feed with log data collected across their entire digital attack surface, translating to timely, contextualized insights into the strategies and mindsets of threat actors,” said Drew Horn, Senior Director of Technology Alliances at Sumo Logic.
The Phylum Threat Feed provides a curated view of malicious packages that are published into the open-source ecosystem. The feed shows automated, high-signal threat data that informs organizations of software supply chain attacks that have been executed as well as indicators of potential future threats. This high-fidelity data is actionable on its own and can now be consumed in Sumo Logic to enrich other findings.