malware-detection
Safeguard articles tagged "malware-detection" — guides, analysis, and best practices for software supply chain and application security.
31 articles
Detecting cryptomining malware in container images
Cryptomining malware like Kinsing and TeamTNT quietly hijacks container CPU cycles to mine Monero. Here's how it gets in, how to spot it, and how to stop it.
Real-time threat feed for open source malware detection
Malicious npm and PyPI packages spread in hours, not days. Here's why real-time threat feeds beat periodic scans, and how Safeguard detects supply chain malware before install.
Minimum release age / cooldown policies for new package v...
A cooldown on new npm package versions can block malicious releases before they reach your build. Here's how minimum release age policies work.
How to Detect Malicious npm Packages: A Workflow
A practical detection workflow for malicious npm packages: install-time signals, registry heuristics, reachability checks, and CI gates that actually block attacks.
Detecting malware and runtime threats in ECR and EKS with...
How GuardDuty ECR malware protection and EKS runtime monitoring catch cryptominers and malicious images, where the coverage gaps are, and how Safeguard closes them.
Socket.dev: Detecting Supply Chain Attacks Before They Hit
A review of Socket.dev's approach to supply chain security, focusing on behavior analysis of npm packages, install script detection, and typosquatting prevention.
Open Source Malware Detection Techniques for Package Registries
Malicious packages on npm, PyPI, and other registries are surging. Here are the techniques researchers and tools use to detect them.