Safeguard
Tag

malware-detection

Safeguard articles tagged "malware-detection" — guides, analysis, and best practices for software supply chain and application security.

31 articles

Container Security

Detecting cryptomining malware in container images

Cryptomining malware like Kinsing and TeamTNT quietly hijacks container CPU cycles to mine Monero. Here's how it gets in, how to spot it, and how to stop it.

Jun 23, 20267 min read
Product

Real-time threat feed for open source malware detection

Malicious npm and PyPI packages spread in hours, not days. Here's why real-time threat feeds beat periodic scans, and how Safeguard detects supply chain malware before install.

May 8, 20267 min read
Product

Minimum release age / cooldown policies for new package v...

A cooldown on new npm package versions can block malicious releases before they reach your build. Here's how minimum release age policies work.

May 7, 20269 min read
Best Practices

How to Detect Malicious npm Packages: A Workflow

A practical detection workflow for malicious npm packages: install-time signals, registry heuristics, reachability checks, and CI gates that actually block attacks.

Mar 6, 20267 min read
Container Security

Detecting malware and runtime threats in ECR and EKS with...

How GuardDuty ECR malware protection and EKS runtime monitoring catch cryptominers and malicious images, where the coverage gaps are, and how Safeguard closes them.

Jan 18, 20267 min read
Tool Reviews

Socket.dev: Detecting Supply Chain Attacks Before They Hit

A review of Socket.dev's approach to supply chain security, focusing on behavior analysis of npm packages, install script detection, and typosquatting prevention.

Aug 22, 20235 min read
Open Source Security

Open Source Malware Detection Techniques for Package Registries

Malicious packages on npm, PyPI, and other registries are surging. Here are the techniques researchers and tools use to detect them.

May 20, 20236 min read
malware-detection (Page 3) — Safeguard Blog