{"id":96984,"date":"2024-08-19T13:48:25","date_gmt":"2024-08-19T13:48:25","guid":{"rendered":"https:\/\/staging.checkmarx.com\/?page_id=96984"},"modified":"2026-02-10T23:49:41","modified_gmt":"2026-02-10T21:49:41","slug":"malicious-packages","status":"publish","type":"page","link":"https:\/\/checkmarx.com\/product\/malicious-packages\/","title":{"rendered":"Malicious Package Protection"},"content":{"rendered":"<section class=\"section-inner-hero-text-left page-without-header-bg__hero with-visual-bg\">\n\n    <div class=\"main-wrapper section-inner-hero-text-left__wrapper\">\n        <div class=\"section-inner-hero-text-left__wrap-text\">\n\t\t\t<p class=\"section-description-top\">Checkmarx One<\/p>\t\t\t<h1 class=\"section-title\">Malicious Package Protection<\/h1>\t\t\t<p class=\"section-description\">Identify \u2013 and eliminate the dangers of \u2013 malicious open-source packages throughout the SDLC, leveraging the industry\u2019s largest database of malicious packages. <\/p>            <div class=\"wrap-btns-hero\">\n\t\t\t\t        <a href=\"#demo\" class=\"btn btn-2 btn-bg accent demo\">Get a Demo<\/a>\n        \t\t\t\t        <a href=\"#features\" class=\"btn btn-2 border-2\">Discover More<\/a>\n                    <\/div>\n        <\/div>\n    <\/div>\n\t        <img decoding=\"async\" class=\"visual-bg\" src=\"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/08\/image_Hero_MPP-scaled.webp\" width=\"1122\" height=\"988\" alt=\"image_Hero_MPP\" loading=\"lazy\">\n        <\/section>\n\n<section class=\"section-slider-logo js-wrap-line-slider-logo\">\n    <div class=\"main-wrapper\">\n        <div class=\"swiper slider-hero-logo\">\n            <div class=\"swiper-wrapper\">\n                                    <div class=\"swiper-slide\">\n                        <div>\n                                    <img decoding=\"async\" src=\"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/07\/01-Apple.svg\" alt=\"01 Apple\">\n                                <\/div>\n                    <\/div>\n                                        <div class=\"swiper-slide\">\n                        <div>\n                                    <img decoding=\"async\" src=\"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/07\/04-Salesforce.svg\" alt=\"04 Salesforce\">\n                                <\/div>\n                    <\/div>\n                                        <div class=\"swiper-slide\">\n                        <div>\n                                    <img decoding=\"async\" src=\"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/07\/05-Siemens.svg\" alt=\"05 Siemens\">\n                                <\/div>\n                    <\/div>\n                                        <div class=\"swiper-slide\">\n                        <div>\n                                    <img decoding=\"async\" src=\"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/07\/06-Walmart.svg\" alt=\"06 Walmart\">\n                                <\/div>\n                    <\/div>\n                                        <div class=\"swiper-slide\">\n                        <div>\n                                    <img decoding=\"async\" src=\"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/07\/07-Ford.svg\" alt=\"07 Ford\">\n                                <\/div>\n                    <\/div>\n                                        <div class=\"swiper-slide\">\n                        <div>\n                                    <img decoding=\"async\" src=\"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/07\/08-CITI.svg\" alt=\"08 CITI\">\n                                <\/div>\n                    <\/div>\n                                        <div class=\"swiper-slide\">\n                        <div>\n                                    <img decoding=\"async\" src=\"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/07\/09-VISA.svg\" alt=\"09 VISA\">\n                                <\/div>\n                    <\/div>\n                                        <div class=\"swiper-slide\">\n                        <div>\n                                    <img decoding=\"async\" src=\"https:\/\/checkmarx.com\/wp-content\/uploads\/2025\/02\/the_carlsberg_group_logo_strip.svg\" alt=\"the_carlsberg_group_logo_strip\">\n                                <\/div>\n                    <\/div>\n                                        <div class=\"swiper-slide\">\n                        <div>\n                                    <img decoding=\"async\" src=\"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/07\/10-Elevance-Health.svg\" alt=\"10 Elevance Health\">\n                                <\/div>\n                    <\/div>\n                                        <div class=\"swiper-slide\">\n                        <div>\n                                    <img decoding=\"async\" src=\"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/07\/12-Orange.svg\" alt=\"12 Orange\">\n                                <\/div>\n                    <\/div>\n                                        <div class=\"swiper-slide\">\n                        <div>\n                                    <img decoding=\"async\" src=\"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/07\/13-Airbus-Group.svg\" alt=\"13 Airbus Group\">\n                                <\/div>\n                    <\/div>\n                                        <div class=\"swiper-slide\">\n                        <div>\n                                    <img decoding=\"async\" src=\"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/07\/14-Novartis.svg\" alt=\"14 Novartis\">\n                                <\/div>\n                    <\/div>\n                                        <div class=\"swiper-slide\">\n                        <div>\n                                    <img decoding=\"async\" src=\"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/07\/16-GE.svg\" alt=\"16 GE\">\n                                <\/div>\n                    <\/div>\n                                        <div class=\"swiper-slide\">\n                        <div>\n                                    <img decoding=\"async\" src=\"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/07\/17-Sainsburys.svg\" alt=\"17 Sainsbury's\">\n                                <\/div>\n                    <\/div>\n                                        <div class=\"swiper-slide\">\n                        <div>\n                                    <img decoding=\"async\" src=\"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/07\/18-PWC.svg\" alt=\"18 PWC\">\n                                <\/div>\n                    <\/div>\n                                        <div class=\"swiper-slide\">\n                        <div>\n                                    <img decoding=\"async\" src=\"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/07\/19-The-weather-company.svg\" alt=\"19 The weather company\">\n                                <\/div>\n                    <\/div>\n                                        <div class=\"swiper-slide\">\n                        <div>\n                                    <img decoding=\"async\" src=\"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/07\/20-CGI.svg\" alt=\"20 CGI\">\n                                <\/div>\n                    <\/div>\n                                        <div class=\"swiper-slide\">\n                        <div>\n                                    <img decoding=\"async\" src=\"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/07\/21-Adidas.svg\" alt=\"21 Adidas\">\n                                <\/div>\n                    <\/div>\n                                        <div class=\"swiper-slide\">\n                        <div>\n                                    <img decoding=\"async\" src=\"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/07\/22-SAP.svg\" alt=\"22 SAP\">\n                                <\/div>\n                    <\/div>\n                                <\/div>\n        <\/div>\n    <\/div>\n<\/section>\n\n\n<section class=\"section-menu-page not-sticky platform-type\">\n    <div class=\"main-wrapper section-menu-page__wrapper\">\n        <ul class=\"section-menu-page__bread-crumbs\">\n            <li><a href=\"\/\">Home <i class=\"arrow-css right\"><\/i><\/a><\/li>\n\t\t\t            <li><a href=\"https:\/\/checkmarx.com\/product\/malicious-packages\/\" class=\"no-link\">Malicious Package Protection<\/a><\/li>\n        <\/ul>\n        <ul class=\"section-menu-page__nav js--menu-page\">\n\t\t\t                        <li class=\"section-menu-page__nav-item\">\n\t\t\t\t\t\t\t        <a href=\"#features\" class=\"section-menu-page__link js--menu-page-item is-active\" data-id-anchor=\"features\">Features<\/a>\n                                <\/li>\n\t\t\t\t\t                        <li class=\"section-menu-page__nav-item\">\n\t\t\t\t\t\t\t        <a href=\"#benefits\" class=\"section-menu-page__link js--menu-page-item\" data-id-anchor=\"benefits\">Benefits<\/a>\n                                <\/li>\n\t\t\t\t\t                        <li class=\"section-menu-page__nav-item\">\n\t\t\t\t\t\t\t        <a href=\"#faq\" class=\"section-menu-page__link js--menu-page-item\" data-id-anchor=\"faq\">FAQ<\/a>\n                                <\/li>\n\t\t\t\t\t                        <li class=\"section-menu-page__nav-item\">\n\t\t\t\t\t\t\t        <a href=\"#checkmarx-one\" class=\"section-menu-page__link js--menu-page-item\" data-id-anchor=\"checkmarx-one\">Checkmarx One<\/a>\n                                <\/li>\n\t\t\t\t\t        <\/ul>\n    <\/div>\n<\/section>\n\n\n<section class=\"section-creative-tab light-theme\" id=\"features\">\n    <div class=\"main-wrapper section-creative-tab__wrapper\">\n\t\t<h2 class=\"section-title\">Reduce the Risks of Malicious Packages<\/h2>\t\t<p class=\"section-description\">Leverage Checkmarx\u2019 automated scanning technologies and massive proprietary database of 420,000+ malicious packages to identify and remediate dangerous open-source code in your applications. <\/p>    <\/div>\n\n    <!-- only for mobile -->\n    <div class=\"main-wrapper section-creative-tab__content-mobile\">\n\t\t            <div class=\"section-creative-tab__item\">\n\t\t\t\t<p class=\"section-creative-tab__item_title\">Deep Malicious Package Detection <\/p>                <div class=\"section-creative-tab__item_visual-content\">\n\t\t\t\t\t        <img decoding=\"async\" src=\"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/10\/deep_malicious_package_detection-768x598.webp\" width=\"372\" height=\"290\" alt=\"_deep_malicious_package_detection\" loading=\"lazy\">\n                        <\/div>\n                <div class=\"section-creative-tab__item_description\">\n\t\t\t\t\t<p><\/p>\n<p>Checkmarx detects all open-source packages in use, including dependencies of other packages, to identify those known to contain malware or exhibit suspicious behavior.<\/p>\n                <\/div>\n            <\/div>\n\t\t\t            <div class=\"section-creative-tab__item\">\n\t\t\t\t<p class=\"section-creative-tab__item_title\">Unparalleled Malicious Packages Database<\/p>                <div class=\"section-creative-tab__item_visual-content\">\n\t\t\t\t\t        <img decoding=\"async\" src=\"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/08\/Unparalleled-Malware-Database-768x599.webp\" width=\"372\" height=\"290\" alt=\"Unparalleled Malware Database\" loading=\"lazy\">\n                        <\/div>\n                <div class=\"section-creative-tab__item_description\">\n\t\t\t\t\t<p><\/p>\n<p>Checkmarx\u2019 multi-layered package analysis methodologies have identified more than 420,000 malicious packages to date.<\/p>\n                <\/div>\n            <\/div>\n\t\t\t            <div class=\"section-creative-tab__item\">\n\t\t\t\t<p class=\"section-creative-tab__item_title\">From Pre-Production to Runtime<\/p>                <div class=\"section-creative-tab__item_visual-content\">\n\t\t\t\t\t        <img decoding=\"async\" src=\"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/08\/Detection-Across-the-SDLC-768x599.webp\" width=\"372\" height=\"290\" alt=\"Detection Across the SDLC\" loading=\"lazy\">\n                        <\/div>\n                <div class=\"section-creative-tab__item_description\">\n\t\t\t\t\t<p><\/p>\n<p>Checkmarx detects malicious packages in manifest files, binaries, and containers \u2013 and correlates runtime usage data available from Sysdig to prioritize remediation efforts.<\/p>\n                <\/div>\n            <\/div>\n\t\t\t            <div class=\"section-creative-tab__item\">\n\t\t\t\t<p class=\"section-creative-tab__item_title\">Package Reliability Metrics<\/p>                <div class=\"section-creative-tab__item_visual-content\">\n\t\t\t\t\t        <img decoding=\"async\" src=\"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/08\/Package-Reliability-Metrics-768x599.webp\" width=\"372\" height=\"290\" alt=\"Package Reliability Metrics\" loading=\"lazy\">\n                        <\/div>\n                <div class=\"section-creative-tab__item_description\">\n\t\t\t\t\t<p><\/p>\n<p>Checkmarx rates the trustworthiness of each open-source package included in your applications, by package legitimacy, behavioral integrity and contributor reputation.<\/p>\n                <\/div>\n            <\/div>\n\t\t\t            <div class=\"section-creative-tab__item\">\n\t\t\t\t<p class=\"section-creative-tab__item_title\">Automated Policy Actions<\/p>                <div class=\"section-creative-tab__item_visual-content\">\n\t\t\t\t\t        <img decoding=\"async\" src=\"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/08\/Automated-Policy-Actions-768x599.webp\" width=\"372\" height=\"290\" alt=\"Automated Policy Actions\" loading=\"lazy\">\n                        <\/div>\n                <div class=\"section-creative-tab__item_description\">\n\t\t\t\t\t<p><\/p>\n<p>Defined policies automatically take effect when malicious packages are detected. This can include sending alerts, generating incident reports, preventing pull requests and breaking builds.<\/p>\n                <\/div>\n            <\/div>\n\t\t\t    <\/div>\n\n    <!-- only for desktop -->\n    <div class=\"main-wrapper creative-tab__wrapper\">\n        <div class=\"creative-tab tabs\">\n            <div class=\"creative-tab__left\">\n                <ul class=\"tabs__caption\">\n\t\t\t\t\t                        <li class=\"active\">\n\t\t\t\t\t\t\t<h3 class=\"tabs__caption_title\">Deep Malicious Package Detection <\/h3>                            <div class=\"tabs__caption_content\">\n\t\t\t\t\t\t\t\t<div class=\"tabs__caption_description\">\n<p>Checkmarx detects all open-source packages in use, including dependencies of other packages, to identify those known to contain malware or exhibit suspicious behavior.<\/p>\n<\/div>                            <\/div>\n                        <\/li>\n\t\t\t\t\t\t                        <li>\n\t\t\t\t\t\t\t<h3 class=\"tabs__caption_title\">Unparalleled Malicious Packages Database<\/h3>                            <div class=\"tabs__caption_content\">\n\t\t\t\t\t\t\t\t<div class=\"tabs__caption_description\">\n<p>Checkmarx\u2019 multi-layered package analysis methodologies have identified more than 420,000 malicious packages to date.<\/p>\n<\/div>                            <\/div>\n                        <\/li>\n\t\t\t\t\t\t                        <li>\n\t\t\t\t\t\t\t<h3 class=\"tabs__caption_title\">From Pre-Production to Runtime<\/h3>                            <div class=\"tabs__caption_content\">\n\t\t\t\t\t\t\t\t<div class=\"tabs__caption_description\">\n<p>Checkmarx detects malicious packages in manifest files, binaries, and containers \u2013 and correlates runtime usage data available from Sysdig to prioritize remediation efforts.<\/p>\n<\/div>                            <\/div>\n                        <\/li>\n\t\t\t\t\t\t                        <li>\n\t\t\t\t\t\t\t<h3 class=\"tabs__caption_title\">Package Reliability Metrics<\/h3>                            <div class=\"tabs__caption_content\">\n\t\t\t\t\t\t\t\t<div class=\"tabs__caption_description\">\n<p>Checkmarx rates the trustworthiness of each open-source package included in your applications, by package legitimacy, behavioral integrity and contributor reputation.<\/p>\n<\/div>                            <\/div>\n                        <\/li>\n\t\t\t\t\t\t                        <li>\n\t\t\t\t\t\t\t<h3 class=\"tabs__caption_title\">Automated Policy Actions<\/h3>                            <div class=\"tabs__caption_content\">\n\t\t\t\t\t\t\t\t<div class=\"tabs__caption_description\">\n<p>Defined policies automatically take effect when malicious packages are detected. This can include sending alerts, generating incident reports, preventing pull requests and breaking builds.<\/p>\n<\/div>                            <\/div>\n                        <\/li>\n\t\t\t\t\t\t                <\/ul>\n            <\/div>\n\n            <div class=\"creative-tab__right\">\n\t\t\t\t                    <div class=\"tabs__content active\">\n\t\t\t\t\t\t        <img decoding=\"async\" src=\"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/10\/deep_malicious_package_detection.webp\" alt=\"_deep_malicious_package_detection\" loading=\"lazy\">\n                            <\/div>\n\t\t\t\t\t                    <div class=\"tabs__content \">\n\t\t\t\t\t\t        <img decoding=\"async\" src=\"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/08\/Unparalleled-Malware-Database.webp\" alt=\"Unparalleled Malware Database\" loading=\"lazy\">\n                            <\/div>\n\t\t\t\t\t                    <div class=\"tabs__content \">\n\t\t\t\t\t\t        <img decoding=\"async\" src=\"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/08\/Detection-Across-the-SDLC.webp\" alt=\"Detection Across the SDLC\" loading=\"lazy\">\n                            <\/div>\n\t\t\t\t\t                    <div class=\"tabs__content \">\n\t\t\t\t\t\t        <img decoding=\"async\" src=\"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/08\/Package-Reliability-Metrics.webp\" alt=\"Package Reliability Metrics\" loading=\"lazy\">\n                            <\/div>\n\t\t\t\t\t                    <div class=\"tabs__content \">\n\t\t\t\t\t\t        <img decoding=\"async\" src=\"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/08\/Automated-Policy-Actions.webp\" alt=\"Automated Policy Actions\" loading=\"lazy\">\n                            <\/div>\n\t\t\t\t\t            <\/div>\n\n        <\/div>\n    <\/div>\n<\/section>\n\n<section class=\"section-block-info light-theme\">\n    <div class=\"main-wrapper block-info__wrapper\">\n        <div class=\"block-info center\">\n\t\t\t        <img decoding=\"async\" class=\"block-info__img-bg\" src=\"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/04\/Mid-Page-CTA-Background-scaled.webp\" width=\"1440\" height=\"530\" alt=\"Mid Page CTA Background\" loading=\"lazy\">\n        \n\t\t\t<h2 class=\"section-title\">Trust Checkmarx to Reduce Open-Source and Third-Party Risk<\/h2>\t\t\t<p class=\"section-description\">Leading enterprises leverage Checkmarx\u2019 massive database of 420K+ malicious packages to eliminate the threats of malware in third-party software libraries.<\/p>\n\t\t\t<div class=\"actions\">\n\t\t\t\t        <a href=\"#demo\" class=\"btn btn-2 btn-bg white demo\">Request a Demo<\/a>\n        \t\t\t\t\t\t\t<\/div>\n        <\/div>\n    <\/div>\n<\/section>\n\n\n<section class=\"section-list-creative-cards light-theme\" id=\"benefits\">\n    <div class=\"main-wrapper\">\n\t\t<p class=\"section-description-top\">What\u2019s in it for you<\/p>\t\t<h2 class=\"section-title\">Protect your Organization from the Dangers of Malicious Packages<\/h2>\t\t<p class=\"section-description\">Reduce OSS security threats and improve your overall security posture by ensuring that no malicious or suspicious third-party packages are putting your organization at risk.<\/p>    <\/div>\n    <div class=\"main-wrapper section-list-creative-cards__slider-wrapper\">\n        <div class=\"swiper js-slider-creative-hover-cards\" data-count-rows-grid=\"3\">\n            <div class=\"swiper-wrapper\">\n\n\t\t\t\t                    <div class=\"swiper-slide\">\n                        <div class=\"card-creative-hover\">\n                            <div class=\"card-creative-hover__bg\">\n\t\t\t\t\t\t\t\t        <img decoding=\"async\" src=\"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/08\/Unmatched-OSS-Risk-Visibility.svg\" width=\"110\" height=\"80\" alt=\"Unmatched OSS Risk Visibility\" loading=\"lazy\">\n                                    <\/div>\n                            <div class=\"card-creative-hover__content\">\n\t\t\t\t\t\t\t\t<h3 class=\"card-creative-hover__title\">Unmatched Visibility into Open-Source Risk<\/h3>\t\t\t\t\t\t\t\t<div class=\"card-creative-hover__description\">\n<p>Confidently prevent malicious threats by leveraging the industry\u2019s largest OSS malware database and comprehensive code-to-cloud risk management capabilities.<\/p>\n<\/div>                            <\/div>\n\t                                                <\/div>\n                    <\/div>\n\t\t\t\t\t                    <div class=\"swiper-slide\">\n                        <div class=\"card-creative-hover\">\n                            <div class=\"card-creative-hover__bg\">\n\t\t\t\t\t\t\t\t        <img decoding=\"async\" src=\"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/08\/Development-Environment-Protection.svg\" width=\"110\" height=\"80\" alt=\"Development Environment Protection\" loading=\"lazy\">\n                                    <\/div>\n                            <div class=\"card-creative-hover__content\">\n\t\t\t\t\t\t\t\t<h3 class=\"card-creative-hover__title\">Development Environment Protection<\/h3>\t\t\t\t\t\t\t\t<div class=\"card-creative-hover__description\">\n<p>Automatically identify and block malicious or suspicious packages before they are installed in the dev environment or pushed to code repositories.<\/p>\n<\/div>                            <\/div>\n\t                                                <\/div>\n                    <\/div>\n\t\t\t\t\t                    <div class=\"swiper-slide\">\n                        <div class=\"card-creative-hover\">\n                            <div class=\"card-creative-hover__bg\">\n\t\t\t\t\t\t\t\t        <img decoding=\"async\" src=\"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/08\/Efficient-Prioritized-Remediation.svg\" width=\"110\" height=\"80\" alt=\"Efficient Prioritized Remediation\" loading=\"lazy\">\n                                    <\/div>\n                            <div class=\"card-creative-hover__content\">\n\t\t\t\t\t\t\t\t<h3 class=\"card-creative-hover__title\">Efficient &#038; Prioritized Remediation<\/h3>\t\t\t\t\t\t\t\t<div class=\"card-creative-hover__description\">\n<p>Focus the efforts of your AppSec teams and developers on the open-source malware risks that pose the greatest threats to your organization.<\/p>\n<\/div>                            <\/div>\n\t                                                <\/div>\n                    <\/div>\n\t\t\t\t\t            <\/div>\n        <\/div>\n    <\/div>\n<\/section>\n\n\n<section class=\"section-creative-slider\">\n    <div class=\"circle-bg-gradient\">\n        <span class=\"circle-bg-gradient__children\"><\/span>\n    <\/div>\n    <div class=\"main-wrapper section-creative-slider__wrapper\">\n        <div class=\"section-creative-slider__left\">\n\t\t\t<h2 class=\"section-title\">What Our Customers Say About Us<\/h2>\t\t\t<p class=\"section-description\">Learn why a growing list of enterprises rely on our approach to application security.<\/p>            <div class=\"creative-slider__nav\">\n                <button class=\"creative-slider__nav_prev swiper-button-prev\" aria-label=\"Prev slide\">\n                    <svg width=\"34px\" height=\"23px\" viewbox=\"0 0 34 23\" version=\"1.1\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" xmlns:xlink=\"http:\/\/www.w3.org\/1999\/xlink\">\n                        <g id=\"Page-1\" stroke=\"none\" stroke-width=\"1\" fill-rule=\"evenodd\">\n                            <g id=\"Shape\" transform=\"translate(0.939453, 1.530000)\" stroke-width=\"3\">\n                                <path d=\"M19.810947,20.4179 L31.029947,9.14 M30.029947,10.1989 L0,10.1989 M31.029947,11.26 L19.810947,0\"><\/path>\n                            <\/g>\n                        <\/g>\n                    <\/svg>\n                <\/button>\n                <button class=\"creative-slider__nav_next swiper-button-next\" aria-label=\"Next slide\">\n                    <svg width=\"34px\" height=\"23px\" viewbox=\"0 0 34 23\" version=\"1.1\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" xmlns:xlink=\"http:\/\/www.w3.org\/1999\/xlink\">\n                        <g id=\"Page-1\" stroke=\"none\" stroke-width=\"1\" fill-rule=\"evenodd\">\n                            <g id=\"Shape\" transform=\"translate(0.939453, 1.530000)\" stroke-width=\"3\">\n                                <path d=\"M19.810947,20.4179 L31.029947,9.14 M30.029947,10.1989 L0,10.1989 M31.029947,11.26 L19.810947,0\"><\/path>\n                            <\/g>\n                        <\/g>\n                    <\/svg>\n                <\/button>\n            <\/div>\n            <div class=\"creative-slider__scrollbar\"><\/div>\n        <\/div>\n        <div class=\"section-creative-slider__right\">\n            <div class=\"creative-slider__wrapper\">\n                <div class=\"swiper creative-slider js-creative-slider\">\n                    <div class=\"swiper-wrapper\">\n\n\t\t\t\t\t\t        <div class=\"swiper-slide\">\n            <div class=\"card-creative-feedback small-text\">\n\t\t\t\t<p class=\"card-creative-feedback__text\">&#8220;We view Checkmarx as our trusted partner. They\u2019ve elevated our security posture by consolidating our SAST, SCA, and API Security into a unified platform, Checkmarx One, enabling us to achieve vulnerability remediation, reduce noise, and benefit from strong support.&#8221;<\/p>                <div class=\"card-creative-feedback__footer\">\n                    <div class=\"author\">\n\t\t\t\t\t\t        <img decoding=\"async\" class=\"author__avatar\" src=\"https:\/\/checkmarx.com\/wp-content\/uploads\/2025\/06\/Matthew-Hurewitz-Checkmarx-150x150.webp\" width=\"46\" height=\"46\" alt=\"Matthew Hurewitz Checkmarx\" loading=\"lazy\">\n                                <div>\n\t\t\t\t\t\t\t<p class=\"author__name\">Matthew Hurewitz<\/p>\t\t\t\t\t\t\t<p class=\"author__profesion\">Director, Platforms and Application Security<\/p>                        <\/div>\n                    <\/div>\n\n\t\t\t\t\t                        <div class=\"card-creative-feedback__logo\">\n\t\t\t\t\t\t\t        <img decoding=\"async\" src=\"https:\/\/checkmarx.com\/wp-content\/uploads\/2025\/06\/best-buy-cx-logo.svg\" width=\"154\" height=\"47\" alt=\"best buy cx logo\" loading=\"lazy\">\n                                <\/div>\n\t\t\t\t\t                <\/div>\n            <\/div>\n        <\/div>\n\t\t        <div class=\"swiper-slide\">\n            <div class=\"card-creative-feedback small-text\">\n\t\t\t\t<p class=\"card-creative-feedback__text\">&#8220;Incorporating Checkmarx&#8217;s technology has revolutionized our development culture. It&#8217;s more than just technology; it serves as the foundation of our security strategy, ensuring that our applications are secure by design.&#8221;<\/p>                <div class=\"card-creative-feedback__footer\">\n                    <div class=\"author\">\n\t\t\t\t\t\t        <img decoding=\"async\" class=\"author__avatar\" src=\"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/04\/Sudharma-Thikkavarapu-150x150.webp\" width=\"46\" height=\"46\" alt=\"Sudharma Thikkavarapu\" loading=\"lazy\">\n                                <div>\n\t\t\t\t\t\t\t<p class=\"author__name\">Sudharma Thikkavarapu<\/p>\t\t\t\t\t\t\t<p class=\"author__profesion\">Sr. Director, Product Security Engineering<\/p>                        <\/div>\n                    <\/div>\n\n\t\t\t\t\t                        <div class=\"card-creative-feedback__logo\">\n\t\t\t\t\t\t\t        <img decoding=\"async\" src=\"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/04\/Dell.svg\" width=\"154\" height=\"47\" alt=\"Dell\" loading=\"lazy\">\n                                <\/div>\n\t\t\t\t\t                <\/div>\n            <\/div>\n        <\/div>\n\t\t        <div class=\"swiper-slide\">\n            <div class=\"card-creative-feedback small-text\">\n\t\t\t\t<p class=\"card-creative-feedback__text\">&#8220;Checkmarx One definitely checks all my boxes from a security standpoint and has a great interface that&#8217;s engaging and easy to use. Some of the solutions we considered were more complicated. With Checkmarx One, it&#8217;s easy to get right to the problem with little to no learning curve.&#8221;<\/p>                <div class=\"card-creative-feedback__footer\">\n                    <div class=\"author\">\n\t\t\t\t\t\t        <img decoding=\"async\" class=\"author__avatar\" src=\"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/04\/Joel-Godbout-150x150.webp\" width=\"46\" height=\"46\" alt=\"Joel Godbout\" loading=\"lazy\">\n                                <div>\n\t\t\t\t\t\t\t<p class=\"author__name\">Joel Godbout<\/p>\t\t\t\t\t\t\t<p class=\"author__profesion\">Cybersecurity and Networking Manager<\/p>                        <\/div>\n                    <\/div>\n\n\t\t\t\t\t                        <div class=\"card-creative-feedback__logo\">\n\t\t\t\t\t\t\t        <img decoding=\"async\" src=\"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/04\/PCL.svg\" width=\"154\" height=\"47\" alt=\"PCL\" loading=\"lazy\">\n                                <\/div>\n\t\t\t\t\t                <\/div>\n            <\/div>\n        <\/div>\n\t\t        <div class=\"swiper-slide\">\n            <div class=\"card-creative-feedback small-text\">\n\t\t\t\t<p class=\"card-creative-feedback__text\">&#8220;The success of our AppSec program can be directly attributed to the tooling, processes and support provided by Checkmarx managed services. Our mission revolves around providing secure and compliant lottery and gaming applications and services to our clients around the globe, and with Checkmarx SAST, SCA and associated components enhanced by their stellar service support, we deliver on this promise with confidence and certainty.&#8221;<\/p>                <div class=\"card-creative-feedback__footer\">\n                    <div class=\"author\">\n\t\t\t\t\t\t        <img decoding=\"async\" class=\"author__avatar\" src=\"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/04\/Dion-Alexopoulos-150x150.webp\" width=\"46\" height=\"46\" alt=\"Dion Alexopoulos\" loading=\"lazy\">\n                                <div>\n\t\t\t\t\t\t\t<p class=\"author__name\">Dion Alexopoulos<\/p>\t\t\t\t\t\t\t<p class=\"author__profesion\">Head of Information Security<\/p>                        <\/div>\n                    <\/div>\n\n\t\t\t\t\t                        <div class=\"card-creative-feedback__logo\">\n\t\t\t\t\t\t\t        <img decoding=\"async\" src=\"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/04\/Allwyn.svg\" width=\"154\" height=\"47\" alt=\"Allwyn\" loading=\"lazy\">\n                                <\/div>\n\t\t\t\t\t                <\/div>\n            <\/div>\n        <\/div>\n\t\t        <div class=\"swiper-slide\">\n            <div class=\"card-creative-feedback small-text\">\n\t\t\t\t<p class=\"card-creative-feedback__text\">&#8220;After nearly nine years of using Checkmarx&#8217;s SAST, CGI&#8217;s journey has been one of seamless integration and consistent satisfaction. The last three years have been particularly smooth, reflecting the solution&#8217;s reliability and our successful partnership.&#8221;<\/p>                <div class=\"card-creative-feedback__footer\">\n                    <div class=\"author\">\n\t\t\t\t\t\t        <img decoding=\"async\" class=\"author__avatar\" src=\"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/04\/Abhishek-Das-150x150.webp\" width=\"46\" height=\"46\" alt=\"Abhishek Das\" loading=\"lazy\">\n                                <div>\n\t\t\t\t\t\t\t<p class=\"author__name\">Abhishek Das<\/p>\t\t\t\t\t\t\t<p class=\"author__profesion\">Lead Security Analyst<\/p>                        <\/div>\n                    <\/div>\n\n\t\t\t\t\t                        <div class=\"card-creative-feedback__logo\">\n\t\t\t\t\t\t\t        <img decoding=\"async\" src=\"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/04\/CGI.svg\" width=\"154\" height=\"47\" alt=\"CGI\" loading=\"lazy\">\n                                <\/div>\n\t\t\t\t\t                <\/div>\n            <\/div>\n        <\/div>\n\t\t        <div class=\"swiper-slide\">\n            <div class=\"card-creative-feedback \">\n\t\t\t\t<p class=\"card-creative-feedback__text\">&#8220;After reviewing the Checkmarx platform, I&#8217;m not sure how Veracode is able to exist while being at a similar price point.&#8221;<\/p>                <div class=\"card-creative-feedback__footer\">\n                    <div class=\"author\">\n\t\t\t\t\t\t                        <div>\n\t\t\t\t\t\t\t<p class=\"author__name\">Financial Services:<\/p>\t\t\t\t\t\t\t<p class=\"author__profesion\">DevSecOps Engineering<\/p>                        <\/div>\n                    <\/div>\n\n\t\t\t\t\t                <\/div>\n            <\/div>\n        <\/div>\n\t\t        <div class=\"swiper-slide\">\n            <div class=\"card-creative-feedback big-text\">\n\t\t\t\t<p class=\"card-creative-feedback__text\">&#8220;By Far The Best AppSec Tooling Decision We Have Made!!&#8221;<\/p>                <div class=\"card-creative-feedback__footer\">\n                    <div class=\"author\">\n\t\t\t\t\t\t                        <div>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t                        <\/div>\n                    <\/div>\n\n\t\t\t\t\t                        <div class=\"card-creative-feedback__logo\">\n\t\t\t\t\t\t\t        <img decoding=\"async\" src=\"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/04\/Gartner.svg\" width=\"154\" height=\"47\" alt=\"Gartner\" loading=\"lazy\">\n                                <\/div>\n\t\t\t\t\t                <\/div>\n            <\/div>\n        <\/div>\n\t\t        <div class=\"swiper-slide\">\n            <div class=\"card-creative-feedback small-text\">\n\t\t\t\t<p class=\"card-creative-feedback__text\">&#8220;We were thrilled to find Checkmarx, which helped us improve the SLA for identifying and remediating risk, reduce risk and the number of vulnerabilities, and eliminate high- and medium-risk issues.&#8221;<\/p>                <div class=\"card-creative-feedback__footer\">\n                    <div class=\"author\">\n\t\t\t\t\t\t        <img decoding=\"async\" class=\"author__avatar\" src=\"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/04\/Ubirajara-Aguiar-Jr-150x150.webp\" width=\"46\" height=\"46\" alt=\"Ubirajara Aguiar Jr.\" loading=\"lazy\">\n                                <div>\n\t\t\t\t\t\t\t<p class=\"author__name\">Ubirajara Aguiar Jr.<\/p>\t\t\t\t\t\t\t<p class=\"author__profesion\">Tech Lead, Red Team\/DevSecOps<\/p>                        <\/div>\n                    <\/div>\n\n\t\t\t\t\t                        <div class=\"card-creative-feedback__logo\">\n\t\t\t\t\t\t\t        <img decoding=\"async\" src=\"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/04\/Pismo.svg\" width=\"154\" height=\"47\" alt=\"Pismo\" loading=\"lazy\">\n                                <\/div>\n\t\t\t\t\t                <\/div>\n            <\/div>\n        <\/div>\n\t\t        <div class=\"swiper-slide\">\n            <div class=\"card-creative-feedback big-text\">\n\t\t\t\t<p class=\"card-creative-feedback__text\">&#8220;Checkmarx made security team and developers life easier.&#8221;<\/p>                <div class=\"card-creative-feedback__footer\">\n                    <div class=\"author\">\n\t\t\t\t\t\t                        <div>\n\t\t\t\t\t\t\t<p class=\"author__name\">Security Analyst<\/p>\t\t\t\t\t\t\t<p class=\"author__profesion\">IT Services<\/p>                        <\/div>\n                    <\/div>\n\n\t\t\t\t\t                        <div class=\"card-creative-feedback__logo\">\n\t\t\t\t\t\t\t        <img decoding=\"async\" src=\"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/04\/Gartner.svg\" width=\"154\" height=\"47\" alt=\"Gartner\" loading=\"lazy\">\n                                <\/div>\n\t\t\t\t\t                <\/div>\n            <\/div>\n        <\/div>\n\t\t                    <\/div>\n                <\/div>\n                <div class=\"creative-slider__pagination\"><\/div>\n            <\/div>\n        <\/div>\n    <\/div>\n<\/section>\n\n\n<section class=\"section-accordion\" id=\"faq\">\n    <div class=\"main-wrapper section-accordion__wrapper\">\n        <h2 class=\"section-title\">FAQ<\/h2>\n        <div class=\"fag-accordion__wrapper\">\n            <div class=\"js-accordion fag-accordion\">\n                <div>\n\n                                            <div class=\"js-accordion__item fag-accordion__item \">\n                            <h3 class=\"js-accordion__btn fag-accordion__btn\">\n                                <svg width=\"34px\" height=\"23px\" viewbox=\"0 0 34 23\" version=\"1.1\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\">\n                                    <g id=\"Page-1\" stroke=\"none\" stroke-width=\"1\" fill=\"none\" fill-rule=\"evenodd\">\n                                        <g id=\"Shape\" transform=\"translate(0.939453, 1.530000)\" stroke-width=\"3\">\n                                            <path d=\"M19.810947,20.4179 L31.029947,9.14 M30.029947,10.1989 L0,10.1989 M31.029947,11.26 L19.810947,0\"><\/path>\n                                        <\/g>\n                                    <\/g>\n                                <\/svg>\n                                What are malicious packages?                            <\/h3>\n                            <div class=\"js-accordion-content fag-accordion__content\">\n                                <p><span class=\"TextRun SCXW68454825 BCX0\" lang=\"EN-US\" xml:lang=\"EN-US\" data-contrast=\"auto\"><span class=\"NormalTextRun SCXW68454825 BCX0\">A<\/span><span class=\"NormalTextRun SCXW68454825 BCX0\"> malicious package is a piece of code disguised as a legitimate software <\/span><span class=\"NormalTextRun SCXW68454825 BCX0\">component<\/span><span class=\"NormalTextRun SCXW68454825 BCX0\"> but designed to harm systems or steal data. Unlike packages<\/span><span class=\"NormalTextRun SCXW68454825 BCX0\"> that only <\/span><span class=\"NormalTextRun SCXW68454825 BCX0\">contain<\/span><span class=\"NormalTextRun SCXW68454825 BCX0\"> unintentional security weaknesses <\/span><span class=\"NormalTextRun SCXW68454825 BCX0\">(vulnerabilities) <\/span><span class=\"NormalTextRun SCXW68454825 BCX0\">that can <\/span><span class=\"NormalTextRun SCXW68454825 BCX0\">potential<\/span><span class=\"NormalTextRun SCXW68454825 BCX0\">ly<\/span><span class=\"NormalTextRun SCXW68454825 BCX0\"> be exploited by bad actors, malicious packages are designed <\/span><span class=\"NormalTextRun SCXW68454825 BCX0\">and propagated <\/span><span class=\"NormalTextRun SCXW68454825 BCX0\">with malevolent intent.<\/span><\/span><\/p>\n                            <\/div>\n                        <\/div>\n                                                <div class=\"js-accordion__item fag-accordion__item \">\n                            <h3 class=\"js-accordion__btn fag-accordion__btn\">\n                                <svg width=\"34px\" height=\"23px\" viewbox=\"0 0 34 23\" version=\"1.1\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\">\n                                    <g id=\"Page-1\" stroke=\"none\" stroke-width=\"1\" fill=\"none\" fill-rule=\"evenodd\">\n                                        <g id=\"Shape\" transform=\"translate(0.939453, 1.530000)\" stroke-width=\"3\">\n                                            <path d=\"M19.810947,20.4179 L31.029947,9.14 M30.029947,10.1989 L0,10.1989 M31.029947,11.26 L19.810947,0\"><\/path>\n                                        <\/g>\n                                    <\/g>\n                                <\/svg>\n                                How prevalent are malicious packages?                            <\/h3>\n                            <div class=\"js-accordion-content fag-accordion__content\">\n                                <p><span class=\"TextRun SCXW143228068 BCX0\" lang=\"EN-US\" xml:lang=\"EN-US\" data-contrast=\"auto\"><span class=\"NormalTextRun SCXW143228068 BCX0\">The threat level to organizations of supply chain attacks in general, and malicious packages in particular, has been rapidly rising over the past few years. The numbers tell a disturbing story: <\/span><span class=\"NormalTextRun SpellingErrorV2Themed SCXW143228068 BCX0\">Checkmarx<\/span><span class=\"NormalTextRun SCXW143228068 BCX0\">\u2019 AppSec research team has discovered more than 420,000 <\/span><span class=\"NormalTextRun SCXW143228068 BCX0\">publicly available <\/span><span class=\"NormalTextRun SCXW143228068 BCX0\">malicious packages<\/span><span class=\"NormalTextRun SCXW143228068 BCX0\"> (as of November 2024)<\/span><span class=\"NormalTextRun SCXW143228068 BCX0\">. <\/span><span class=\"NormalTextRun SCXW143228068 BCX0\">76% of CISOs are concerned about the dangers of malicious packages (<\/span><span class=\"NormalTextRun SpellingErrorV2Themed SCXW143228068 BCX0\">Checkmarx<\/span><span class=\"NormalTextRun SCXW143228068 BCX0\"> survey, 2024). <\/span><span class=\"NormalTextRun SCXW143228068 BCX0\">The average cost of a software supply chain compromise was $4.63 million, which is 8.3% higher than the average cost of a data breach due to other causes (IBM, 2023). It is imperative that CISOs and AppSec teams place more focus on this critical threat vector<\/span><span class=\"NormalTextRun SCXW143228068 BCX0\">.<\/span><\/span><\/p>\n                            <\/div>\n                        <\/div>\n                                                <div class=\"js-accordion__item fag-accordion__item \">\n                            <h3 class=\"js-accordion__btn fag-accordion__btn\">\n                                <svg width=\"34px\" height=\"23px\" viewbox=\"0 0 34 23\" version=\"1.1\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\">\n                                    <g id=\"Page-1\" stroke=\"none\" stroke-width=\"1\" fill=\"none\" fill-rule=\"evenodd\">\n                                        <g id=\"Shape\" transform=\"translate(0.939453, 1.530000)\" stroke-width=\"3\">\n                                            <path d=\"M19.810947,20.4179 L31.029947,9.14 M30.029947,10.1989 L0,10.1989 M31.029947,11.26 L19.810947,0\"><\/path>\n                                        <\/g>\n                                    <\/g>\n                                <\/svg>\n                                How does Checkmarx identify malicious packages?                            <\/h3>\n                            <div class=\"js-accordion-content fag-accordion__content\">\n                                <p><span class=\"TextRun SCXW247060208 BCX0\" lang=\"EN-US\" xml:lang=\"EN-US\" data-contrast=\"auto\"><span class=\"NormalTextRun SpellingErrorV2Themed SCXW247060208 BCX0\">Checkmarx<\/span><span class=\"NormalTextRun SCXW247060208 BCX0\"> combines proprietary technology <\/span><span class=\"NormalTextRun SCXW247060208 BCX0\">with a team of expert security researchers<\/span><span class=\"NormalTextRun SCXW247060208 BCX0\"> to effectively <\/span><span class=\"NormalTextRun SCXW247060208 BCX0\">identify<\/span><span class=\"NormalTextRun SCXW247060208 BCX0\"> malicious packages<\/span><span class=\"NormalTextRun CommentStart SCXW247060208 BCX0\">.<\/span><span class=\"NormalTextRun SCXW247060208 BCX0\"> Our threat intelligence system performs automated tests to <\/span><span class=\"NormalTextRun SCXW247060208 BCX0\">identify<\/span><span class=\"NormalTextRun SCXW247060208 BCX0\"> suspicious package behaviors, author reputation, and <\/span><span class=\"NormalTextRun SCXW247060208 BCX0\">additional<\/span><span class=\"NormalTextRun SCXW247060208 BCX0\"> checks (secrets, code scanning, static analysis, etc.). When a package is flagged as potentially malicious, our security research team conducts a thorough manual review to confirm its malicious nature, and avoid false positives, before adding it to our database (and reporting it externally, when <\/span><span class=\"NormalTextRun SCXW247060208 BCX0\">appropriate)<\/span><span class=\"NormalTextRun SCXW247060208 BCX0\">.<\/span> <span class=\"NormalTextRun SCXW247060208 BCX0\">On average, <\/span><span class=\"NormalTextRun SpellingErrorV2Themed SCXW247060208 BCX0\">Checkmarx<\/span><span class=\"NormalTextRun SCXW247060208 BCX0\"> scans <\/span><span class=\"NormalTextRun SCXW247060208 BCX0\">nearly 2<\/span><span class=\"NormalTextRun SCXW247060208 BCX0\"> million OSS packages <\/span><span class=\"NormalTextRun SCXW247060208 BCX0\">every <\/span><span class=\"NormalTextRun SCXW247060208 BCX0\">month.<\/span><\/span><\/p>\n                            <\/div>\n                        <\/div>\n                        <\/div>\n<div>                        <div class=\"js-accordion__item fag-accordion__item \">\n                            <h3 class=\"js-accordion__btn fag-accordion__btn\">\n                                <svg width=\"34px\" height=\"23px\" viewbox=\"0 0 34 23\" version=\"1.1\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\">\n                                    <g id=\"Page-1\" stroke=\"none\" stroke-width=\"1\" fill=\"none\" fill-rule=\"evenodd\">\n                                        <g id=\"Shape\" transform=\"translate(0.939453, 1.530000)\" stroke-width=\"3\">\n                                            <path d=\"M19.810947,20.4179 L31.029947,9.14 M30.029947,10.1989 L0,10.1989 M31.029947,11.26 L19.810947,0\"><\/path>\n                                        <\/g>\n                                    <\/g>\n                                <\/svg>\n                                What are examples of malicious and suspicious package behaviors?                            <\/h3>\n                            <div class=\"js-accordion-content fag-accordion__content\">\n                                <p><span class=\"TextRun SCXW234853222 BCX0\" lang=\"EN-US\" xml:lang=\"EN-US\" data-contrast=\"auto\"><span class=\"NormalTextRun SCXW234853222 BCX0\">A few examples include data exfiltration (stealing sensitive information), harmful file download, network connection to domain address known to be used by attackers, crypto-mining software, <\/span><span class=\"NormalTextRun SpellingErrorV2Themed SCXW234853222 BCX0\">repojacking<\/span><span class=\"NormalTextRun SCXW234853222 BCX0\"> (takes control of the repository of a legitimate package), <\/span><span class=\"NormalTextRun SpellingErrorV2Themed SCXW234853222 BCX0\">typosquatting<\/span><span class=\"NormalTextRun SCXW234853222 BCX0\"> (mimics the name of a popular package, inducing users to inadvertently use this package), <\/span><span class=\"NormalTextRun SpellingErrorV2Themed SCXW234853222 BCX0\">chainjacking<\/span><span class=\"NormalTextRun SCXW234853222 BCX0\"> (stor<\/span><span class=\"NormalTextRun SCXW234853222 BCX0\">es<\/span><span class=\"NormalTextRun SCXW234853222 BCX0\"> a package in a renamed GitHub repository), and <\/span><span class=\"NormalTextRun SpellingErrorV2Themed SCXW234853222 BCX0\">protestware<\/span><span class=\"NormalTextRun SCXW234853222 BCX0\"> (software that includes functionality which aims to protest an issue).<\/span><\/span><\/p>\n                            <\/div>\n                        <\/div>\n                                                <div class=\"js-accordion__item fag-accordion__item \">\n                            <h3 class=\"js-accordion__btn fag-accordion__btn\">\n                                <svg width=\"34px\" height=\"23px\" viewbox=\"0 0 34 23\" version=\"1.1\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\">\n                                    <g id=\"Page-1\" stroke=\"none\" stroke-width=\"1\" fill=\"none\" fill-rule=\"evenodd\">\n                                        <g id=\"Shape\" transform=\"translate(0.939453, 1.530000)\" stroke-width=\"3\">\n                                            <path d=\"M19.810947,20.4179 L31.029947,9.14 M30.029947,10.1989 L0,10.1989 M31.029947,11.26 L19.810947,0\"><\/path>\n                                        <\/g>\n                                    <\/g>\n                                <\/svg>\n                                How can I protect myself from malicious packages?                            <\/h3>\n                            <div class=\"js-accordion-content fag-accordion__content\">\n                                <p><span class=\"TextRun SCXW96673294 BCX0\" lang=\"EN-US\" xml:lang=\"EN-US\" data-contrast=\"auto\"><span class=\"NormalTextRun SCXW96673294 BCX0\">The most effective way to prevent <\/span><span class=\"NormalTextRun SCXW96673294 BCX0\">harm to your organization<\/span><span class=\"NormalTextRun SCXW96673294 BCX0\"> from malicious packages is to <\/span><span class=\"NormalTextRun SCXW96673294 BCX0\">validate<\/span><span class=\"NormalTextRun SCXW96673294 BCX0\"> each package before it is installed<\/span><span class=\"NormalTextRun SCXW96673294 BCX0\">. <\/span><span class=\"NormalTextRun SCXW96673294 BCX0\">Beyond th<\/span><span class=\"NormalTextRun SCXW96673294 BCX0\">is<\/span><span class=\"NormalTextRun SCXW96673294 BCX0\">, it is important to <\/span><span class=\"NormalTextRun SCXW96673294 BCX0\">frequently<\/span><span class=\"NormalTextRun SCXW96673294 BCX0\"> scan all the OSS packages use<\/span><span class=\"NormalTextRun SCXW96673294 BCX0\">d<\/span><span class=\"NormalTextRun SCXW96673294 BCX0\"> in your applications<\/span><span class=\"NormalTextRun SCXW96673294 BCX0\"> and container<\/span><span class=\"NormalTextRun SCXW96673294 BCX0\"> images<\/span><span class=\"NormalTextRun SCXW96673294 BCX0\">, to <\/span><span class=\"NormalTextRun SCXW96673294 BCX0\">identify<\/span> <span class=\"NormalTextRun SCXW96673294 BCX0\">and remove\/update <\/span><span class=\"NormalTextRun SCXW96673294 BCX0\">any package versions that may <\/span><span class=\"NormalTextRun SCXW96673294 BCX0\">have been flagged as <\/span><span class=\"NormalTextRun SCXW96673294 BCX0\">contain<\/span><span class=\"NormalTextRun SCXW96673294 BCX0\">ing<\/span><span class=\"NormalTextRun SCXW96673294 BCX0\"> malicious or suspicious code <\/span><span class=\"NormalTextRun SCXW96673294 BCX0\">(n<\/span><span class=\"NormalTextRun SCXW96673294 BCX0\">ote that most SCA solutions <\/span><span class=\"NormalTextRun SCXW96673294 BCX0\">check for packages with <\/span><\/span><span class=\"TextRun SCXW96673294 BCX0\" lang=\"EN-US\" xml:lang=\"EN-US\" data-contrast=\"auto\"><span class=\"NormalTextRun SCXW96673294 BCX0\">vulnerabilities<\/span><\/span><span class=\"TextRun SCXW96673294 BCX0\" lang=\"EN-US\" xml:lang=\"EN-US\" data-contrast=\"auto\"><span class=\"NormalTextRun SCXW96673294 BCX0\">, but <\/span><span class=\"NormalTextRun SCXW96673294 BCX0\">do not <\/span><span class=\"NormalTextRun SCXW96673294 BCX0\">identify<\/span> <\/span><span class=\"TextRun SCXW96673294 BCX0\" lang=\"EN-US\" xml:lang=\"EN-US\" data-contrast=\"auto\"><span class=\"NormalTextRun SCXW96673294 BCX0\">malicious<\/span><\/span><span class=\"TextRun SCXW96673294 BCX0\" lang=\"EN-US\" xml:lang=\"EN-US\" data-contrast=\"auto\"><span class=\"NormalTextRun SCXW96673294 BCX0\"> packages<\/span><span class=\"NormalTextRun SCXW96673294 BCX0\">). <\/span><span class=\"NormalTextRun SCXW96673294 BCX0\">Other best practices include only using trusted repositories, only using OSS from reputable authors\/maintainers, and keeping packages updated to the latest versions (so that you are <\/span><span class=\"NormalTextRun SCXW96673294 BCX0\">benefiting<\/span><span class=\"NormalTextRun SCXW96673294 BCX0\"> from the most recent security patches).<\/span><span class=\"NormalTextRun SCXW96673294 BCX0\"> Learn more about<\/span> <span class=\"NormalTextRun SpellingErrorV2Themed SCXW96673294 BCX0\">Checkmarx<\/span><span class=\"NormalTextRun SCXW96673294 BCX0\">\u2019 <\/span><\/span><a class=\"Hyperlink SCXW96673294 BCX0\" href=\"https:\/\/checkmarx.com\/cxsca-open-source-scanning\/\" target=\"_blank\" rel=\"noreferrer noopener\"><span class=\"TextRun Underlined SCXW96673294 BCX0\" lang=\"EN-US\" xml:lang=\"EN-US\" data-contrast=\"none\"><span class=\"NormalTextRun SCXW96673294 BCX0\" data-ccp-charstyle=\"Hyperlink\">SCA scan<\/span><\/span><\/a><span class=\"TextRun SCXW96673294 BCX0\" lang=\"EN-US\" xml:lang=\"EN-US\" data-contrast=\"auto\"><span class=\"NormalTextRun SCXW96673294 BCX0\"> technology<\/span><span class=\"NormalTextRun SCXW96673294 BCX0\">.<\/span><\/span><\/p>\n                            <\/div>\n                        <\/div>\n                                                <div class=\"js-accordion__item fag-accordion__item \">\n                            <h3 class=\"js-accordion__btn fag-accordion__btn\">\n                                <svg width=\"34px\" height=\"23px\" viewbox=\"0 0 34 23\" version=\"1.1\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\">\n                                    <g id=\"Page-1\" stroke=\"none\" stroke-width=\"1\" fill=\"none\" fill-rule=\"evenodd\">\n                                        <g id=\"Shape\" transform=\"translate(0.939453, 1.530000)\" stroke-width=\"3\">\n                                            <path d=\"M19.810947,20.4179 L31.029947,9.14 M30.029947,10.1989 L0,10.1989 M31.029947,11.26 L19.810947,0\"><\/path>\n                                        <\/g>\n                                    <\/g>\n                                <\/svg>\n                                Where do most malicious packages come from?                            <\/h3>\n                            <div class=\"js-accordion-content fag-accordion__content\">\n                                <p><span class=\"TextRun SCXW47265971 BCX0\" lang=\"EN-US\" xml:lang=\"EN-US\" data-contrast=\"auto\"><span class=\"NormalTextRun SCXW47265971 BCX0\">Bad actors tend to focus on <\/span><span class=\"NormalTextRun SCXW47265971 BCX0\">widely used <\/span><span class=\"NormalTextRun SCXW47265971 BCX0\">package<\/span><span class=\"NormalTextRun SCXW47265971 BCX0\">s<\/span> <span class=\"NormalTextRun SCXW47265971 BCX0\">and widely used <\/span><span class=\"NormalTextRun SCXW47265971 BCX0\">repositories<\/span><span class=\"NormalTextRun SCXW47265971 BCX0\">. <\/span><span class=\"NormalTextRun SCXW47265971 BCX0\">Prominent e<\/span><span class=\"NormalTextRun SCXW47265971 BCX0\">xamples include <\/span><span class=\"NormalTextRun SCXW47265971 BCX0\">distributing <\/span><span class=\"NormalTextRun SCXW47265971 BCX0\">JavaScript <\/span><span class=\"NormalTextRun SpellingErrorV2Themed SCXW47265971 BCX0\">npm<\/span><span class=\"NormalTextRun SCXW47265971 BCX0\"> malicious packages<\/span> <span class=\"NormalTextRun SCXW47265971 BCX0\">via the <\/span><span class=\"NormalTextRun SpellingErrorV2Themed SCXW47265971 BCX0\">npm<\/span><span class=\"NormalTextRun SCXW47265971 BCX0\"> Registry<\/span><span class=\"NormalTextRun SCXW47265971 BCX0\">, <\/span><span class=\"NormalTextRun SCXW47265971 BCX0\">Python <\/span><span class=\"NormalTextRun SCXW47265971 BCX0\">malicious packages<\/span><span class=\"NormalTextRun SCXW47265971 BCX0\"> via the <\/span><span class=\"NormalTextRun SCXW47265971 BCX0\">Python Package Index (<\/span><span class=\"NormalTextRun SpellingErrorV2Themed SCXW47265971 BCX0\">PyPI<\/span><span class=\"NormalTextRun SCXW47265971 BCX0\">)<\/span><span class=\"NormalTextRun SCXW47265971 BCX0\">,<\/span> <span class=\"NormalTextRun SCXW47265971 BCX0\">.NET <\/span><span class=\"NormalTextRun SCXW47265971 BCX0\">NuGet <\/span><span class=\"NormalTextRun SCXW47265971 BCX0\">malicious packages<\/span><span class=\"NormalTextRun SCXW47265971 BCX0\"> via the <\/span><span class=\"NormalTextRun SCXW47265971 BCX0\">NuGet Gallery<\/span><span class=\"NormalTextRun SCXW47265971 BCX0\">, and <\/span><span class=\"NormalTextRun SCXW47265971 BCX0\">all types of <\/span><span class=\"NormalTextRun SCXW47265971 BCX0\">malicious software packages <\/span><span class=\"NormalTextRun SCXW47265971 BCX0\">via <\/span><span class=\"NormalTextRun SCXW47265971 BCX0\">GitHub Packages<\/span><span class=\"NormalTextRun SCXW47265971 BCX0\">.<\/span><\/span><\/p>\n                            <\/div>\n                        <\/div>\n                                        <\/div>\n            <\/div>\n        <\/div>\n    <\/div>\n<\/section>\n\n\n<script type=\"application\/ld+json\">{\"@context\":\"https:\/\/schema.org\",\"@type\":\"FAQPage\",\"url\":\"https:\/\/checkmarx.com\/product\/malicious-packages\/\",\"mainEntity\":[{\"@type\":\"Question\",\"name\":\"What are malicious packages?\",\"acceptedAnswer\":{\"@type\":\"Answer\",\"text\":\"A malicious package is a piece of code disguised as a legitimate software component but designed to harm systems or steal data. Unlike packages that only contain unintentional security weaknesses (vulnerabilities) that can potentially be exploited by bad actors, malicious packages are designed and propagated with malevolent intent.\"}},{\"@type\":\"Question\",\"name\":\"How prevalent are malicious packages?\",\"acceptedAnswer\":{\"@type\":\"Answer\",\"text\":\"The threat level to organizations of supply chain attacks in general, and malicious packages in particular, has been rapidly rising over the past few years. The numbers tell a disturbing story: Checkmarx\u2019 AppSec research team has discovered more than 420,000 publicly available malicious packages (as of November 2024). 76% of CISOs are concerned about the dangers of malicious packages (Checkmarx survey, 2024). The average cost of a software supply chain compromise was $4.63 million, which is 8.3% higher than the average cost of a data breach due to other causes (IBM, 2023). It is imperative that CISOs and AppSec teams place more focus on this critical threat vector.\"}},{\"@type\":\"Question\",\"name\":\"How does Checkmarx identify malicious packages?\",\"acceptedAnswer\":{\"@type\":\"Answer\",\"text\":\"Checkmarx combines proprietary technology with a team of expert security researchers to effectively identify malicious packages. Our threat intelligence system performs automated tests to identify suspicious package behaviors, author reputation, and additional checks (secrets, code scanning, static analysis, etc.). When a package is flagged as potentially malicious, our security research team conducts a thorough manual review to confirm its malicious nature, and avoid false positives, before adding it to our database (and reporting it externally, when appropriate). On average, Checkmarx scans nearly 2 million OSS packages every month.\"}},{\"@type\":\"Question\",\"name\":\"What are examples of malicious and suspicious package behaviors?\",\"acceptedAnswer\":{\"@type\":\"Answer\",\"text\":\"A few examples include data exfiltration (stealing sensitive information), harmful file download, network connection to domain address known to be used by attackers, crypto-mining software, repojacking (takes control of the repository of a legitimate package), typosquatting (mimics the name of a popular package, inducing users to inadvertently use this package), chainjacking (stores a package in a renamed GitHub repository), and protestware (software that includes functionality which aims to protest an issue).\"}},{\"@type\":\"Question\",\"name\":\"How can I protect myself from malicious packages?\",\"acceptedAnswer\":{\"@type\":\"Answer\",\"text\":\"The most effective way to prevent harm to your organization from malicious packages is to validate each package before it is installed. Beyond this, it is important to frequently scan all the OSS packages used in your applications and container images, to identify and remove\/update any package versions that may have been flagged as containing malicious or suspicious code (note that most SCA solutions check for packages with vulnerabilities, but do not identify malicious packages). Other best practices include only using trusted repositories, only using OSS from reputable authors\/maintainers, and keeping packages updated to the latest versions (so that you are benefiting from the most recent security patches). Learn more about Checkmarx\u2019 SCA scan technology.\"}},{\"@type\":\"Question\",\"name\":\"Where do most malicious packages come from?\",\"acceptedAnswer\":{\"@type\":\"Answer\",\"text\":\"Bad actors tend to focus on widely used packages and widely used repositories. Prominent examples include distributing JavaScript npm malicious packages via the npm Registry, Python malicious packages via the Python Package Index (PyPI), .NET NuGet malicious packages via the NuGet Gallery, and all types of malicious software packages via GitHub Packages.\"}}]}<\/script>\n\n<section class=\"section-marketecture dark-theme\" id=\"checkmarx-one\" style=\"\n        --bg-desktop: url('https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/05\/bg-desktop-scaled.webp');\n        --bg-mobile: url('https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/05\/bg-mobile-scaled.webp');\n        \">\n    <div class=\"main-wrapper section-marketecture__wrapper\">\n\t\t<p class=\"section-description-top\">Checkmarx One<\/p>\t\t<h2 class=\"section-title\">The Cloud-Native Enterprise Application Security Platform<\/h2>        <div class=\"section-description\">\n\t\t\t<p>Checkmarx One delivers a full suite of enterprise AppSec solutions in a unified, cloud-based platform that allows enterprises to secure their applications from the first line of code to deployment in the cloud. Get everything your enterprise needs to integrate AppSec across every stage of the SDLC and build a successful AppSec program.<\/p>\n        <\/div>\n\t\t        <a href=\"\/product\/application-security-platform\/\" class=\"btn btn-2 btn-bg accent demo\">Explore Checkmarx One<\/a>\n        \t\t        <a href=\"\/packaging\/\" class=\"btn btn-2 border-2\">Packaging &amp; Pricing<\/a>\n        \n        <!-- only for mobile -->\n        <div class=\"marketecture-sheme-mobile\">\n            <p class=\"marketecture-sheme-mobile__title decor-corner decor-to-bottom\">Application Security Posture <br>Management (ASPM)\t\t\t\t<span>Consolidated, correlated, prioritized insights to help your team manage risk<\/span>            <\/p>\n\n            <!-- open type -->\n\t\t\t                <div class=\"marketecture-mobile-item-open decor-drop decor-line\">\n                    <div class=\"marketecture-mobile-item-open__header decor-corner decor-to-top\">\n                        <p>Code<\/p>\n                        <a href=\"#\">Agentic Security<\/a>\n                    <\/div>\n\t\t\t\t\t\t\t<ul class=\"marketecture-mobile-item-open__body js-marketecture-list-drop-down\">\n\t\t\t\t\t\t\t \n\t\t\t\t<li>\n\t\t\t\t\t<p>\n\t\t\t\t\t\t\t\t\t\t\t\t\tDeveloper Assist\t\t\t\t\t\t\t\t\t\t\t\t<\/p>\n\t\t\t\t<\/li>\n\t\t\t\t\t\t\t \n\t\t\t\t<li>\n\t\t\t\t\t<p>\n\t\t\t\t\t\t\t\t\t\t\t\t\tRemediation Assist\t\t\t\t\t\t\t\t\t\t\t\t<\/p>\n\t\t\t\t<\/li>\n\t\t\t\t\t\t\t \n\t\t\t\t<li>\n\t\t\t\t\t<p>\n\t\t\t\t\t\t\t\t\t\t\t\t\tSAST\t\t\t\t\t\t\t\t\t\t\t\t<\/p>\n\t\t\t\t<\/li>\n\t\t\t\t\t\t\t \n\t\t\t\t<li>\n\t\t\t\t\t<p>\n\t\t\t\t\t\t\t\t\t\t\t\t\tDAST\t\t\t\t\t\t\t\t\t\t\t\t<\/p>\n\t\t\t\t<\/li>\n\t\t\t\t\t\t\t \n\t\t\t\t<li>\n\t\t\t\t\t<p>\n\t\t\t\t\t\t\t\t\t\t\t\t\tAPI Security\t\t\t\t\t\t\t\t\t\t\t\t<\/p>\n\t\t\t\t<\/li>\n\t\t\t\t\t\t\t \n\t\t\t\t<li>\n\t\t\t\t\t<p>\n\t\t\t\t\t\t\t\t\t\t\t\t\tAI-Generated Code Analysis\t\t\t\t\t\t\t\t\t\t\t\t<\/p>\n\t\t\t\t<\/li>\n\t\t\t\t\t<\/ul>\n\t\t                <\/div>\n\t\t\t\t                <div class=\"marketecture-mobile-item-open decor-drop decor-line\">\n                    <div class=\"marketecture-mobile-item-open__header decor-corner decor-to-top\">\n                        <p>Supply Chain<\/p>\n                        <a href=\"#\">Agentic Security<\/a>\n                    <\/div>\n\t\t\t\t\t\t\t<ul class=\"marketecture-mobile-item-open__body js-marketecture-list-drop-down\">\n\t\t\t\t\t\t\t \n\t\t\t\t<li>\n\t\t\t\t\t<p>\n\t\t\t\t\t\t\t\t\t\t\t\t\tTriage Assist\t\t\t\t\t\t\t\t\t\t\t\t<\/p>\n\t\t\t\t<\/li>\n\t\t\t\t\t\t\t \n\t\t\t\t<li>\n\t\t\t\t\t<p>\n\t\t\t\t\t\t\t\t\t\t\t\t\tSCA\t\t\t\t\t\t\t\t\t\t\t\t<\/p>\n\t\t\t\t<\/li>\n\t\t\t\t\t\t\t \n\t\t\t\t<li>\n\t\t\t\t\t<p>\n\t\t\t\t\t\t\t\t\t\t\t\t\tMalicious Packages\t\t\t\t\t\t\t\t\t\t\t\t<\/p>\n\t\t\t\t<\/li>\n\t\t\t\t\t\t\t \n\t\t\t\t<li>\n\t\t\t\t\t<p>\n\t\t\t\t\t\t\t\t\t\t\t\t\tSecrets Detection\t\t\t\t\t\t\t\t\t\t\t\t<\/p>\n\t\t\t\t<\/li>\n\t\t\t\t\t\t\t \n\t\t\t\t<li>\n\t\t\t\t\t<p>\n\t\t\t\t\t\t\t\t\t\t\t\t\tRepository Health\t\t\t\t\t\t\t\t\t\t\t\t<\/p>\n\t\t\t\t<\/li>\n\t\t\t\t\t\t\t \n\t\t\t\t<li>\n\t\t\t\t\t<p>\n\t\t\t\t\t\t\t\t\t\t\t\t\tAI Supply Chain Governance\t\t\t\t\t\t\t\t\t\t\t\t<\/p>\n\t\t\t\t<\/li>\n\t\t\t\t\t\t\t \n\t\t\t\t<li>\n\t\t\t\t\t<p>\n\t\t\t\t\t\t\t\t\t\t\t\t\tLLM &amp; Agent Governance\t\t\t\t\t\t\t\t\t\t\t\t<\/p>\n\t\t\t\t<\/li>\n\t\t\t\t\t<\/ul>\n\t\t                <\/div>\n\t\t\t\t                <div class=\"marketecture-mobile-item-open decor-drop \">\n                    <div class=\"marketecture-mobile-item-open__header decor-corner decor-to-top\">\n                        <p>Cloud<\/p>\n                        <a href=\"#\">Agentic Security<\/a>\n                    <\/div>\n\t\t\t\t\t\t\t<ul class=\"marketecture-mobile-item-open__body js-marketecture-list-drop-down\">\n\t\t\t\t\t\t\t \n\t\t\t\t<li>\n\t\t\t\t\t<p>\n\t\t\t\t\t\t\t\t\t\t\t\t\tContainer Security\t\t\t\t\t\t\t\t\t\t\t\t<\/p>\n\t\t\t\t<\/li>\n\t\t\t\t\t\t\t \n\t\t\t\t<li>\n\t\t\t\t\t<p>\n\t\t\t\t\t\t\t\t\t\t\t\t\tIaC Security\t\t\t\t\t\t\t\t\t\t\t\t<\/p>\n\t\t\t\t<\/li>\n\t\t\t\t\t<\/ul>\n\t\t                <\/div>\n\t\t\t\t\n            <!-- close type -->\n            <div class=\"list-marketecture-mobile-item-close js-marketecture-list-header-drop-down\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<div class=\"marketecture-mobile-item-close\">\n\t\t\t\t\t\t\t\t\t<div class=\"marketecture-mobile-item-close__header js-marketecture-header-drop-down\">\n\t\t\t\t\t\t\t\t\t\t<p>\n\t\t\t\t\t\t\t\t\t\t\tDev Enablement\t\t\t\t\t\t\t\t\t\t<\/p>\n\t\t\t\t\t\t\t\t\t\t<i><\/i>\n\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t\t<div class=\"marketecture-drop-down\">\n\t\t\t\t\t\t\t\t\t\t\t\t<ul class=\"marketecture-mobile-item-close__body js-marketecture-list-drop-down\">\n\t\t\t\t\t\t\t \n\t\t\t\t<li>\n\t\t\t\t\t<p>\n\t\t\t\t\t\t\t\t\t\t\t\t\tCodebashing\t\t\t\t\t\t\t\t\t\t\t\t<\/p>\n\t\t\t\t<\/li>\n\t\t\t\t\t<\/ul>\n\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t\t\t\t\t<div class=\"marketecture-mobile-item-close\">\n\t\t\t\t\t\t\t\t<div class=\"marketecture-mobile-item-close__header js-marketecture-header-drop-down\">\n\t\t\t\t\t\t\t\t\t<p>DevSecOps<\/p>\n\t\t\t\t\t\t\t\t\t<i><\/i>\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t<div class=\"marketecture-drop-down\">\n\t\t\t\t\t\t\t\t\t\t\t<ul class=\"marketecture-mobile-item-close__body js-marketecture-list-drop-down\">\n\t\t\t\t\t\t\t \n\t\t\t\t<li>\n\t\t\t\t\t<p>\n\t\t\t\t\t\t\t\t\t\t\t\t\t75+ Languages\t\t\t\t\t\t\t\t\t\t\t\t<\/p>\n\t\t\t\t<\/li>\n\t\t\t\t\t\t\t \n\t\t\t\t<li>\n\t\t\t\t\t<p>\n\t\t\t\t\t\t\t\t\t\t\t\t\t100+ Frameworks\t\t\t\t\t\t\t\t\t\t\t\t<\/p>\n\t\t\t\t<\/li>\n\t\t\t\t\t\t\t \n\t\t\t\t<li>\n\t\t\t\t\t<p>\n\t\t\t\t\t\t\t\t\t\t\t\t\t75+ Technologies\t\t\t\t\t\t\t\t\t\t\t\t<\/p>\n\t\t\t\t<\/li>\n\t\t\t\t\t\t\t \n\t\t\t\t<li>\n\t\t\t\t\t<p>\n\t\t\t\t\t\t\t\t\t\t\t\t\tSDLC Integrations\t\t\t\t\t\t\t\t\t\t\t\t<\/p>\n\t\t\t\t<\/li>\n\t\t\t\t\t\t\t \n\t\t\t\t<li>\n\t\t\t\t\t<p>\n\t\t\t\t\t\t\t\t\t\t\t\t\tADLC Integrations\t\t\t\t\t\t\t\t\t\t\t\t<\/p>\n\t\t\t\t<\/li>\n\t\t\t\t\t\t\t \n\t\t\t\t<li>\n\t\t\t\t\t<p>\n\t\t\t\t\t\t\t\t\t\t\t\t\tIDE Integrations\t\t\t\t\t\t\t\t\t\t\t\t<\/p>\n\t\t\t\t<\/li>\n\t\t\t\t\t\t\t \n\t\t\t\t<li>\n\t\t\t\t\t<p>\n\t\t\t\t\t\t\t\t\t\t\t\t\tPipeline Policy Enforcement\t\t\t\t\t\t\t\t\t\t\t\t<\/p>\n\t\t\t\t<\/li>\n\t\t\t\t\t<\/ul>\n\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t\t                <div class=\"marketecture-mobile-item-close\">\n                    <div class=\"marketecture-mobile-item-close__header js-marketecture-header-drop-down\">\n                        <p>Services<\/p>\n                        <i><\/i>\n                    <\/div>\n                    <div class=\"marketecture-drop-down\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t<ul class=\"marketecture-mobile-item-close__body js-marketecture-list-drop-down\">\n\t\t\t\t\t\t\t \n\t\t\t\t<li>\n\t\t\t\t\t<p>\n\t\t\t\t\t\t\t\t\t\t\t\t\tPremium Support\t\t\t\t\t\t\t\t\t\t\t\t<\/p>\n\t\t\t\t<\/li>\n\t\t\t\t\t\t\t \n\t\t\t\t<li>\n\t\t\t\t\t<p>\n\t\t\t\t\t\t\t\t\t\t\t\t\tPremium Services\t\t\t\t\t\t\t\t\t\t\t\t<\/p>\n\t\t\t\t<\/li>\n\t\t\t\t\t\t\t \n\t\t\t\t<li>\n\t\t\t\t\t<p>\n\t\t\t\t\t\t\t\t\t\t\t\t\tMaturity Assessment\t\t\t\t\t\t\t\t\t\t\t\t<\/p>\n\t\t\t\t<\/li>\n\t\t\t\t\t<\/ul>\n\t\t                    <\/div>\n                <\/div>\n            <\/div>\n        <\/div>\n\n        <!-- only for desktop -->\n        <div class=\"marketecture-sheme-desktop\">\n            <div class=\"marketecture-sheme-desktop__body\">\n                <div class=\"marketecture-sheme-desktop__sidebar\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<div class=\"marketecture-desktop-item\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<p class=\"marketecture-desktop-item__header\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\tDev Enablement\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/p>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t        <ul class=\"marketecture-desktop-item__body\">\n\t\t\t                <li>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<p class=\"\">\n\t\t\t\t\t\t\t\t\t\t\tCodebashing\t\t\t\t\t\t\t\t\t\t<\/p>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<div class=\"marketecture-desktop-item__popup\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<div class=\"marketecture-desktop-item__popup_wrapper\">\n\t\t\t\t\t\t\t\t\t\t\t<p>Codebashing<\/p>\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t\t                    <\/div>\n                <\/li>\n\t\t\t\t        <\/ul>\n\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<div class=\"marketecture-desktop-item\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t<p class=\"marketecture-desktop-item__header\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\tDevSecOps\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/p>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t        <ul class=\"marketecture-desktop-item__body\">\n\t\t\t                <li>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<p class=\"\">\n\t\t\t\t\t\t\t\t\t\t\t75+ Languages\t\t\t\t\t\t\t\t\t\t<\/p>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<div class=\"marketecture-desktop-item__popup\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<div class=\"marketecture-desktop-item__popup_wrapper\">\n\t\t\t\t\t\t\t\t\t\t\t<p>75+ Languages<\/p>\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t\t                    <\/div>\n                <\/li>\n\t\t\t\t                <li>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<p class=\"\">\n\t\t\t\t\t\t\t\t\t\t\t100+ Frameworks\t\t\t\t\t\t\t\t\t\t<\/p>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<div class=\"marketecture-desktop-item__popup\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<div class=\"marketecture-desktop-item__popup_wrapper\">\n\t\t\t\t\t\t\t\t\t\t\t<p>100+ Frameworks<\/p>\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t\t                    <\/div>\n                <\/li>\n\t\t\t\t                <li>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<p class=\"\">\n\t\t\t\t\t\t\t\t\t\t\t75+ Technologies\t\t\t\t\t\t\t\t\t\t<\/p>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<div class=\"marketecture-desktop-item__popup\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<div class=\"marketecture-desktop-item__popup_wrapper\">\n\t\t\t\t\t\t\t\t\t\t\t<p>75+ Technologies<\/p>\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t\t                    <\/div>\n                <\/li>\n\t\t\t\t                <li>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<p class=\"\">\n\t\t\t\t\t\t\t\t\t\t\tSDLC Integrations\t\t\t\t\t\t\t\t\t\t<\/p>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<div class=\"marketecture-desktop-item__popup\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<div class=\"marketecture-desktop-item__popup_wrapper\">\n\t\t\t\t\t\t\t\t\t\t\t<p>SDLC Integrations<\/p>\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t\t                    <\/div>\n                <\/li>\n\t\t\t\t                <li>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<p class=\"\">\n\t\t\t\t\t\t\t\t\t\t\tADLC Integrations\t\t\t\t\t\t\t\t\t\t<\/p>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<div class=\"marketecture-desktop-item__popup\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<div class=\"marketecture-desktop-item__popup_wrapper\">\n\t\t\t\t\t\t\t\t\t\t\t<p>ADLC Integrations<\/p>\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t\t                    <\/div>\n                <\/li>\n\t\t\t\t                <li>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<p class=\"\">\n\t\t\t\t\t\t\t\t\t\t\tIDE Integrations\t\t\t\t\t\t\t\t\t\t<\/p>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<div class=\"marketecture-desktop-item__popup\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<div class=\"marketecture-desktop-item__popup_wrapper\">\n\t\t\t\t\t\t\t\t\t\t\t<p>IDE Integrations<\/p>\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t\t                    <\/div>\n                <\/li>\n\t\t\t\t                <li>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<p class=\"\">\n\t\t\t\t\t\t\t\t\t\t\tPipeline Policy Enforcement\t\t\t\t\t\t\t\t\t\t<\/p>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<div class=\"marketecture-desktop-item__popup\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<div class=\"marketecture-desktop-item__popup_wrapper\">\n\t\t\t\t\t\t\t\t\t\t\t<p>Pipeline Policy Enforcement<\/p>\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t\t                    <\/div>\n                <\/li>\n\t\t\t\t        <\/ul>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t\t\t\n\n\n                <\/div>\n\n                <div class=\"marketecture-sheme-desktop__main\">\n                    <p class=\"marketecture-desktop-item__header top-header-item\">Unified Dashboard, Reporting &amp; Risk Management<\/p>\n                    <div class=\"marketecture-desktop-item__header border main-header-item\">\n                        <p>Application Security Posture <br>Management (ASPM)<\/p>\n                        <div class=\"marketecture-desktop-item__popup\">\n                            <div class=\"marketecture-desktop-item__popup_wrapper\">\n\t\t\t\t\t\t\t\t<p>Consolidated, correlated, prioritized insights to help your team manage risk<\/p>\n                            <\/div>\n                        <\/div>\n                    <\/div>\n\n                    <div class=\"with-decor-lines\">\n                        <div class=\"with-decor-lines__list\">\n                            <span class=\"with-decor-lines__line\"><\/span>\n                            <span class=\"with-decor-lines__line\"><\/span>\n                            <span class=\"with-decor-lines__line\"><\/span>\n                        <\/div>\n                        <p class=\"marketecture-desktop-item__header\">Agentic Security<\/p>\n                    <\/div>\n\n                    <div class=\"list-marketecture-desktop-item\">\n\t\t\t\t\t\t                            <div class=\"marketecture-desktop-item border\">\n\t\t\t\t\t\t\t\t<p class=\"marketecture-desktop-item__header\">Code<\/p>        <ul class=\"marketecture-desktop-item__body\">\n\t\t\t                <li>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<p class=\"item-animation-cursor js-item-animation-cursor active\">\n\t\t\t\t\t\t\t\t\t\t\tDeveloper Assist\t\t\t\t\t\t\t\t\t\t<\/p>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<div class=\"marketecture-desktop-item__popup\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<div class=\"marketecture-desktop-item__popup_wrapper\">\n\t\t\t\t\t\t\t\t\t\t\t<p>Developer Assist<\/p>\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t\t                    <\/div>\n                <\/li>\n\t\t\t\t                <li>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<p class=\"\">\n\t\t\t\t\t\t\t\t\t\t\tRemediation Assist\t\t\t\t\t\t\t\t\t\t<\/p>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<div class=\"marketecture-desktop-item__popup\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<div class=\"marketecture-desktop-item__popup_wrapper\">\n\t\t\t\t\t\t\t\t\t\t\t<p>Remediation Assist<\/p>\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t\t                    <\/div>\n                <\/li>\n\t\t\t\t                <li>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<p class=\"\">\n\t\t\t\t\t\t\t\t\t\t\tSAST\t\t\t\t\t\t\t\t\t\t<\/p>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<div class=\"marketecture-desktop-item__popup\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<div class=\"marketecture-desktop-item__popup_wrapper\">\n\t\t\t\t\t\t\t\t\t\t\t<p>SAST<\/p>\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t\t                    <\/div>\n                <\/li>\n\t\t\t\t                <li>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<p class=\"\">\n\t\t\t\t\t\t\t\t\t\t\tDAST\t\t\t\t\t\t\t\t\t\t<\/p>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<div class=\"marketecture-desktop-item__popup\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<div class=\"marketecture-desktop-item__popup_wrapper\">\n\t\t\t\t\t\t\t\t\t\t\t<p>DAST<\/p>\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t\t                    <\/div>\n                <\/li>\n\t\t\t\t                <li>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<p class=\"\">\n\t\t\t\t\t\t\t\t\t\t\tAPI Security\t\t\t\t\t\t\t\t\t\t<\/p>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<div class=\"marketecture-desktop-item__popup\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<div class=\"marketecture-desktop-item__popup_wrapper\">\n\t\t\t\t\t\t\t\t\t\t\t<p>API Security<\/p>\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t\t                    <\/div>\n                <\/li>\n\t\t\t\t                <li>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<p class=\"\">\n\t\t\t\t\t\t\t\t\t\t\tAI-Generated Code Analysis\t\t\t\t\t\t\t\t\t\t<\/p>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<div class=\"marketecture-desktop-item__popup\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<div class=\"marketecture-desktop-item__popup_wrapper\">\n\t\t\t\t\t\t\t\t\t\t\t<p>AI-Generated Code Analysis<\/p>\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t\t                    <\/div>\n                <\/li>\n\t\t\t\t        <\/ul>\n\t\t                            <\/div>\n\t\t\t\t\t\t\t                            <div class=\"marketecture-desktop-item border\">\n\t\t\t\t\t\t\t\t<p class=\"marketecture-desktop-item__header\">Supply Chain<\/p>        <ul class=\"marketecture-desktop-item__body\">\n\t\t\t                <li>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<p class=\"\">\n\t\t\t\t\t\t\t\t\t\t\tTriage Assist\t\t\t\t\t\t\t\t\t\t<\/p>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<div class=\"marketecture-desktop-item__popup\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<div class=\"marketecture-desktop-item__popup_wrapper\">\n\t\t\t\t\t\t\t\t\t\t\t<p>Triage Assist<\/p>\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t\t                    <\/div>\n                <\/li>\n\t\t\t\t                <li>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<p class=\"\">\n\t\t\t\t\t\t\t\t\t\t\tSCA\t\t\t\t\t\t\t\t\t\t<\/p>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<div class=\"marketecture-desktop-item__popup\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<div class=\"marketecture-desktop-item__popup_wrapper\">\n\t\t\t\t\t\t\t\t\t\t\t<p>SCA<\/p>\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t\t                    <\/div>\n                <\/li>\n\t\t\t\t                <li>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<p class=\"\">\n\t\t\t\t\t\t\t\t\t\t\tMalicious Packages\t\t\t\t\t\t\t\t\t\t<\/p>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<div class=\"marketecture-desktop-item__popup\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<div class=\"marketecture-desktop-item__popup_wrapper\">\n\t\t\t\t\t\t\t\t\t\t\t<p>Malicious Packages<\/p>\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t\t                    <\/div>\n                <\/li>\n\t\t\t\t                <li>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<p class=\"\">\n\t\t\t\t\t\t\t\t\t\t\tSecrets Detection\t\t\t\t\t\t\t\t\t\t<\/p>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<div class=\"marketecture-desktop-item__popup\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<div class=\"marketecture-desktop-item__popup_wrapper\">\n\t\t\t\t\t\t\t\t\t\t\t<p>Secrets Detection<\/p>\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t\t                    <\/div>\n                <\/li>\n\t\t\t\t                <li>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<p class=\"\">\n\t\t\t\t\t\t\t\t\t\t\tRepository Health\t\t\t\t\t\t\t\t\t\t<\/p>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<div class=\"marketecture-desktop-item__popup\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<div class=\"marketecture-desktop-item__popup_wrapper\">\n\t\t\t\t\t\t\t\t\t\t\t<p>Repository Health<\/p>\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t\t                    <\/div>\n                <\/li>\n\t\t\t\t                <li>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<p class=\"\">\n\t\t\t\t\t\t\t\t\t\t\tAI Supply Chain Governance\t\t\t\t\t\t\t\t\t\t<\/p>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<div class=\"marketecture-desktop-item__popup\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<div class=\"marketecture-desktop-item__popup_wrapper\">\n\t\t\t\t\t\t\t\t\t\t\t<p>AI Supply Chain Governance<\/p>\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t\t                    <\/div>\n                <\/li>\n\t\t\t\t                <li>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<p class=\"\">\n\t\t\t\t\t\t\t\t\t\t\tLLM &amp; Agent Governance\t\t\t\t\t\t\t\t\t\t<\/p>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<div class=\"marketecture-desktop-item__popup\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<div class=\"marketecture-desktop-item__popup_wrapper\">\n\t\t\t\t\t\t\t\t\t\t\t<p>LLM &#038; Agent Governance<\/p>\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t\t                    <\/div>\n                <\/li>\n\t\t\t\t        <\/ul>\n\t\t                            <\/div>\n\t\t\t\t\t\t\t                            <div class=\"marketecture-desktop-item border\">\n\t\t\t\t\t\t\t\t<p class=\"marketecture-desktop-item__header\">Cloud<\/p>        <ul class=\"marketecture-desktop-item__body\">\n\t\t\t                <li>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<p class=\"\">\n\t\t\t\t\t\t\t\t\t\t\tContainer Security\t\t\t\t\t\t\t\t\t\t<\/p>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<div class=\"marketecture-desktop-item__popup\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<div class=\"marketecture-desktop-item__popup_wrapper\">\n\t\t\t\t\t\t\t\t\t\t\t<p>Container Security<\/p>\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t\t                    <\/div>\n                <\/li>\n\t\t\t\t                <li>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<p class=\"\">\n\t\t\t\t\t\t\t\t\t\t\tIaC Security\t\t\t\t\t\t\t\t\t\t<\/p>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<div class=\"marketecture-desktop-item__popup\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<div class=\"marketecture-desktop-item__popup_wrapper\">\n\t\t\t\t\t\t\t\t\t\t\t<p>IaC Security<\/p>\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t\t                    <\/div>\n                <\/li>\n\t\t\t\t        <\/ul>\n\t\t                            <\/div>\n\t\t\t\t\t\t\t                    <\/div>\n                <\/div>\n\n                <div class=\"marketecture-sheme-desktop__sidebar\">\n                    <div class=\"marketecture-desktop-item\">\n                        <p class=\"marketecture-desktop-item__header\">Services<\/p>\n\t\t\t\t\t\t        <ul class=\"marketecture-desktop-item__body\">\n\t\t\t                <li>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<p class=\"\">\n\t\t\t\t\t\t\t\t\t\t\tPremium Support\t\t\t\t\t\t\t\t\t\t<\/p>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<div class=\"marketecture-desktop-item__popup\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<div class=\"marketecture-desktop-item__popup_wrapper\">\n\t\t\t\t\t\t\t\t\t\t\t<p>Premium Support<\/p>\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t\t                    <\/div>\n                <\/li>\n\t\t\t\t                <li>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<p class=\"\">\n\t\t\t\t\t\t\t\t\t\t\tPremium Services\t\t\t\t\t\t\t\t\t\t<\/p>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<div class=\"marketecture-desktop-item__popup\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<div class=\"marketecture-desktop-item__popup_wrapper\">\n\t\t\t\t\t\t\t\t\t\t\t<p>Premium Services<\/p>\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t\t                    <\/div>\n                <\/li>\n\t\t\t\t                <li>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<p class=\"\">\n\t\t\t\t\t\t\t\t\t\t\tMaturity Assessment\t\t\t\t\t\t\t\t\t\t<\/p>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<div class=\"marketecture-desktop-item__popup\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<div class=\"marketecture-desktop-item__popup_wrapper\">\n\t\t\t\t\t\t\t\t\t\t\t<p>Maturity Assessment<\/p>\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t\t                    <\/div>\n                <\/li>\n\t\t\t\t        <\/ul>\n\t\t                    <\/div>\n                <\/div>\n            <\/div>\n\t\t\t\t\t\t        <\/div>\n\n    <\/div>\n<\/section>\n\n\n<section class=\"section-registration section-registration-v2 gradient light-theme\" id=\"demo\">\n    <div class=\"main-wrapper section-registration__wrapper\">\n        <div class=\"section-registration__left\">\n            <div class=\"section-registration__wrap-form\">\n                <p class=\"section-description-top\">Get a Demo<\/p>                <h3 class=\"section-title\">Discover Checkmarx\u2019 Malicious Package Protection<\/h3>                <p class=\"section-description\">See how easy it is to ensure that malicious and suspicious OSS packages do not put your business at risk.<\/p>\n                <div class=\"section-registration__form hbsp-form\">\n                                    <script charset=\"utf-8\" type=\"text\/javascript\" src=\"\/\/js.hsforms.net\/forms\/embed\/v2.js\"><\/script>\n                <script>\n                    hbspt.forms.create({\n                        region: \"na1\",\n                        portalId: \"146169\",\n                        formId: \"bb921c8d-5a05-4154-afb9-bbc992b3aed3\",\n                        onFormReady: function ($form) {\n                            if (typeof initCountryStateBehavior === 'function') {\n                                initCountryStateBehavior($form[0]);\n                            }\n\n                            \/\/ Try to active submit button for known users\n                            if (typeof activateSubmitForKnownUser === 'function') {\n                                activateSubmitForKnownUser($form[0]);\n                            }\n\n                            [\n                                ...document.querySelectorAll('.hs_firstname'),\n                                ...document.querySelectorAll('.hs_lastname'),\n                                ...document.querySelectorAll('.hs_company'),\n                                ...document.querySelectorAll('.hs_jobtitle'),\n                                ...document.querySelectorAll('.hs-dependent-field'),\n                                ...document.querySelectorAll('.hs_number_of_developers'),\n                                ...document.querySelectorAll('.hs_did_you_attended_a_checkmarx_training_in_the_past_if_so_which_')\n                            ].forEach(elem => elem.style.display = 'none');\n                        },\n                        onFormSubmit: function ($form) {\n                            \/\/ Find element to scroll to\n                            const scrollTarget = document.querySelector('.section-registration__wrap-form');\n                            if (scrollTarget) {\n                                scrollTarget.scrollIntoView({ behavior: 'smooth' });\n                            } else {\n                                console.warn('onFormSubmit: \u044d\u043b\u0435\u043c\u0435\u043d\u0442 .section-registration__wrap-form \u043d\u0435 \u043d\u0430\u0439\u0434\u0435\u043d');\n                            }\n\n                            \/\/ Call a custom function if defined\n                            if (typeof window.advancedFormSubmitted === 'function') {\n                                window.advancedFormSubmitted($form); \/\/ Can be passed the form if needed\n                            } else {\n                                console.warn('onFormSubmit: \u0444\u0443\u043d\u043a\u0446\u0438\u044f advancedFormSubmitted \u043d\u0435 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u0430');\n                            }\n                        }\n                    });\n                    document.addEventListener('change', (e) => {\n                        if (e.target.closest('.hs-input')) {\n                            [\n                                ...document.querySelectorAll('.hs_firstname'),\n                                ...document.querySelectorAll('.hs_lastname'),\n                                ...document.querySelectorAll('.hs_company'),\n                                ...document.querySelectorAll('.hs_jobtitle'),\n                                ...document.querySelectorAll('.hs-dependent-field'),\n                                ...document.querySelectorAll('.hs_number_of_developers'),\n                                ...document.querySelectorAll('.hs_did_you_attended_a_checkmarx_training_in_the_past_if_so_which_')\n                            ].forEach(elem => elem.style.display = 'block');\n                        }\n                    })\n                <\/script>\n                                <\/div>\n            <\/div>\n        <\/div>\n\n        <div class=\"section-registration__right\">\n            <h3><strong data-start=\"575\" data-end=\"636\">Stop Malicious Packages Before They Compromise Your Build<\/strong><\/h3>\n<ul>\n<li data-start=\"2015\" data-end=\"2240\">\n<p data-start=\"2017\" data-end=\"2240\"><strong>Stop supply\u2011chain malware early: <\/strong>Detect malicious &amp; suspicious OSS across ecosystems with the industry\u2019s largest database (420k+), not just CVE\u2011tracked vulns.<\/p>\n<\/li>\n<li data-start=\"2241\" data-end=\"2420\">\n<p data-start=\"2243\" data-end=\"2420\"><strong>Detect across the SDLC: <\/strong>Manifests, binaries, containers &#8211; plus <strong data-start=\"2308\" data-end=\"2331\">runtime correlation<\/strong> to prioritize what\u2019s actually in use.<\/p>\n<\/li>\n<li data-start=\"2421\" data-end=\"2570\">\n<p data-start=\"2423\" data-end=\"2570\"><strong>Automate policy actions:<\/strong> Block builds and enforce guardrails to reduce mean\u2011time\u2011to\u2011contain.<\/p>\n<\/li>\n<li data-start=\"2571\" data-end=\"2760\">\n<p data-start=\"2573\" data-end=\"2760\"><strong>Developer\u2011first prevention:<\/strong> Surface malicious\u2011package alerts directly in the IDE via Developer Assist to <strong>fix before commit.<\/strong><\/p>\n<\/li>\n<li data-start=\"2761\" data-end=\"2914\">\n<p data-start=\"2763\" data-end=\"2914\"><strong>One platform view: <\/strong>Fold MPP into Checkmarx One for unified reporting across SAST, SCA, IaC, Secrets.<\/p>\n<\/li>\n<\/ul>\n        <\/div>\n    <\/div>\n    <div class=\"main-wrapper\">\n        <div class=\"logos-wrapper\">\n            <p class=\"section-registration__list-logo_title\">Trusted By:<\/p>            <div class=\"slider-wrapper js-slider-registration-bottom\">\n                <ul class=\"section-registration__list-logo\">\n                                            <li>\n                                    <img decoding=\"async\" src=\"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/04\/siemens.svg\" alt=\"siemens\">\n                                <\/li>\n                                                <li>\n                                    <img decoding=\"async\" src=\"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/04\/adidas.svg\" alt=\"adidas\">\n                                <\/li>\n                                                <li>\n                                    <img decoding=\"async\" src=\"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/04\/salesforce.svg\" alt=\"salesforce\">\n                                <\/li>\n                                                <li>\n                                    <img decoding=\"async\" src=\"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/04\/citi.svg\" alt=\"citi\">\n                                <\/li>\n                                                <li>\n                                    <img decoding=\"async\" src=\"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/04\/visa.svg\" alt=\"visa\">\n                                <\/li>\n                                                <li>\n                                    <img decoding=\"async\" src=\"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/04\/ford.svg\" alt=\"ford\">\n                                <\/li>\n                                                <li>\n                                    <img decoding=\"async\" src=\"https:\/\/checkmarx.com\/wp-content\/uploads\/2025\/02\/the_carlsberg_group_demo_section_dark.svg\" alt=\"the_carlsberg_group_demo_section_dark\">\n                                <\/li>\n                                                <li>\n                                    <img decoding=\"async\" src=\"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/04\/elevance.svg\" alt=\"elevance\">\n                                <\/li>\n                                                <li>\n                                    <img decoding=\"async\" src=\"https:\/\/checkmarx.com\/wp-content\/uploads\/2025\/08\/deel_checkmarx_trusted_by.svg\" alt=\"deel_checkmarx_trusted_by\">\n                                <\/li>\n                                        <\/ul>\n            <\/div>\n                <\/div>\n    <\/div>\n<\/section>\n\n<section class=\"section-latest section-latest__second-version section-light section-latest__second-version section-before-footer-top light-theme\">\n    <div class=\"main-wrapper section-latest__top-wrapper\">\n        <div class=\"section-latest__content_top\">\n            <h2 class=\"section-title\" style=\"translate: none; rotate: none; scale: none; transform: translate(0px, 0px); opacity: 1;\">Related Resources<\/h2>\n            <p class=\"section-description\" style=\"max-width: 530px;\">Learn more about protecting your organization from malicious packages:<\/p>\n        <\/div>\n                    <div class=\"slider-navigation-right-type\">\n                <button class=\"slider-post-cards__prev swiper-button-prev\" aria-label=\"Prev slide\"><\/button>\n                <button class=\"slider-post-cards__next swiper-button-next\" aria-label=\"Next slide\"><\/button>\n            <\/div>\n            <\/div>\n    <div class=\"main-wrapper section-latest__wrapper\">\n                    <div class=\"swiper slider-post-cards js-slider-post-cards-second-version\">\n                <div class=\"swiper-wrapper\">\n                                                <div class=\"swiper-slide\">\n                                <div class=\"card-post card-post__second-version card-post__v4 card-page\">\n                                    <div>\n                                                                                    <a href=\"https:\/\/checkmarx.com\/resources\/the-hidden-threat-of-malicious-open-source-packages-exec-summary\/\" class=\"card-post__bg\"><span class=\"bg-el\" style=\"background-image: url(https:\/\/checkmarx.com\/wp-content\/uploads\/2025\/11\/The-Hidden-Threat-of-MOPSP-Exec-Summary-RC.webp);\"><\/span>\n                                            <\/a>\n                                                                                    <a href=\"https:\/\/checkmarx.com\/resources\/the-hidden-threat-of-malicious-open-source-packages-exec-summary\/\" class=\"card-post__title\">Whitepapers &amp; Reports<\/a>\n                                            <br>\n                                                                                <a href=\"https:\/\/checkmarx.com\/resources\/the-hidden-threat-of-malicious-open-source-packages-exec-summary\/\" class=\"card-post__description\">The Hidden Threat of Malicious Open-Source Packages: Exec Summary<\/a>\n                                                                            <\/div>\n                                    <a href=\"https:\/\/checkmarx.com\/resources\/the-hidden-threat-of-malicious-open-source-packages-exec-summary\/\" class=\"link-to-more\" target=\"_blank\">\n                                        Read More                                        <i class=\"arrow-css\">\n                                            <svg width=\"18px\" height=\"17px\" viewbox=\"0 0 18 17\" version=\"1.1\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" xmlns:xlink=\"http:\/\/www.w3.org\/1999\/xlink\">\n                                                <g id=\"Page-1\" stroke=\"none\" stroke-width=\"1\" fill-rule=\"evenodd\">\n                                                    <g id=\"icon-arrow-right\" transform=\"translate(8.221166, 8.108806) scale(1, -1) translate(-8.221166, -8.108806) translate(0.441166, 0.852471)\" stroke-width=\"2\">\n                                                        <path d=\"M7.9030343,-0.277179457 L15.659374,7.22282054 M15.5563543,6.75633 L0,6.75633 M15.8772737,6.05901676 L8.11728804,14.2716868\" id=\"Shape\"><\/path>\n                                                    <\/g>\n                                                <\/g>\n                                            <\/svg>\n                                        <\/i>\n                                    <\/a>\n\n                                <\/div>\n                            <\/div>\n\n                                                <div class=\"swiper-slide\">\n                                <div class=\"card-post card-post__second-version card-post__v4 card-page\">\n                                    <div>\n                                                                                    <a href=\"\/the-hidden-threat-of-malicious-open-source-packages\/\" class=\"card-post__bg\"><span class=\"bg-el\" style=\"background-image: url(https:\/\/checkmarx.com\/wp-content\/uploads\/2025\/10\/malicious_packages_report_website_thumbnail_-scaled.webp);\"><\/span>\n                                            <\/a>\n                                                                                    <a href=\"\/the-hidden-threat-of-malicious-open-source-packages\/\" class=\"card-post__title\">Whitepapers &amp; Reports<\/a>\n                                            <br>\n                                                                                <a href=\"\/the-hidden-threat-of-malicious-open-source-packages\/\" class=\"card-post__description\">The Hidden Threat of Malicious Open-Source Packages<\/a>\n                                                                            <\/div>\n                                    <a href=\"\/the-hidden-threat-of-malicious-open-source-packages\/\" class=\"link-to-more\" target=\"_blank\">\n                                        Read More                                        <i class=\"arrow-css\">\n                                            <svg width=\"18px\" height=\"17px\" viewbox=\"0 0 18 17\" version=\"1.1\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" xmlns:xlink=\"http:\/\/www.w3.org\/1999\/xlink\">\n                                                <g id=\"Page-1\" stroke=\"none\" stroke-width=\"1\" fill-rule=\"evenodd\">\n                                                    <g id=\"icon-arrow-right\" transform=\"translate(8.221166, 8.108806) scale(1, -1) translate(-8.221166, -8.108806) translate(0.441166, 0.852471)\" stroke-width=\"2\">\n                                                        <path d=\"M7.9030343,-0.277179457 L15.659374,7.22282054 M15.5563543,6.75633 L0,6.75633 M15.8772737,6.05901676 L8.11728804,14.2716868\" id=\"Shape\"><\/path>\n                                                    <\/g>\n                                                <\/g>\n                                            <\/svg>\n                                        <\/i>\n                                    <\/a>\n\n                                <\/div>\n                            <\/div>\n\n                                                <div class=\"swiper-slide\">\n                                <div class=\"card-post card-post__second-version card-post__v4 card-page\">\n                                    <div>\n                                                                                    <a href=\"https:\/\/checkmarx.com\/resources\/malicious-package-protection-solution-brief\/\" class=\"card-post__bg\"><span class=\"bg-el\" style=\"background-image: url(https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/11\/malicious_package_solution_brief_2x-1-scaled.webp);\"><\/span>\n                                            <\/a>\n                                                                                    <a href=\"https:\/\/checkmarx.com\/resources\/malicious-package-protection-solution-brief\/\" class=\"card-post__title\">Solution Brief<\/a>\n                                            <br>\n                                                                                <a href=\"https:\/\/checkmarx.com\/resources\/malicious-package-protection-solution-brief\/\" class=\"card-post__description\">Malicious Package Protection Solution Brief<\/a>\n                                                                            <\/div>\n                                    <a href=\"https:\/\/checkmarx.com\/resources\/malicious-package-protection-solution-brief\/\" class=\"link-to-more\" target=\"_blank\">\n                                        Read Now                                        <i class=\"arrow-css\">\n                                            <svg width=\"18px\" height=\"17px\" viewbox=\"0 0 18 17\" version=\"1.1\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" xmlns:xlink=\"http:\/\/www.w3.org\/1999\/xlink\">\n                                                <g id=\"Page-1\" stroke=\"none\" stroke-width=\"1\" fill-rule=\"evenodd\">\n                                                    <g id=\"icon-arrow-right\" transform=\"translate(8.221166, 8.108806) scale(1, -1) translate(-8.221166, -8.108806) translate(0.441166, 0.852471)\" stroke-width=\"2\">\n                                                        <path d=\"M7.9030343,-0.277179457 L15.659374,7.22282054 M15.5563543,6.75633 L0,6.75633 M15.8772737,6.05901676 L8.11728804,14.2716868\" id=\"Shape\"><\/path>\n                                                    <\/g>\n                                                <\/g>\n                                            <\/svg>\n                                        <\/i>\n                                    <\/a>\n\n                                <\/div>\n                            <\/div>\n\n                                                <div class=\"swiper-slide\">\n                                <div class=\"card-post card-post__second-version card-post__v4 card-page\">\n                                    <div>\n                                                                                    <a href=\"https:\/\/checkmarx.com\/blog\/tornado-cash-theft-uncovered-malicious-code-drains-funds-for-months\/\" class=\"card-post__bg\"><span class=\"bg-el\" style=\"background-image: url(https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/08\/tornado_cash.webp);\"><\/span>\n                                            <\/a>\n                                                                                    <a href=\"https:\/\/checkmarx.com\/blog\/tornado-cash-theft-uncovered-malicious-code-drains-funds-for-months\/\" class=\"card-post__title\">Blog Post<\/a>\n                                            <br>\n                                                                                <a href=\"https:\/\/checkmarx.com\/blog\/tornado-cash-theft-uncovered-malicious-code-drains-funds-for-months\/\" class=\"card-post__description\">Tornado Cash: Malicious Code Drains Funds for Months<\/a>\n                                                                            <\/div>\n                                    <a href=\"https:\/\/checkmarx.com\/blog\/tornado-cash-theft-uncovered-malicious-code-drains-funds-for-months\/\" class=\"link-to-more\" target=\"_blank\">\n                                        Read Now                                        <i class=\"arrow-css\">\n                                            <svg width=\"18px\" height=\"17px\" viewbox=\"0 0 18 17\" version=\"1.1\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" xmlns:xlink=\"http:\/\/www.w3.org\/1999\/xlink\">\n                                                <g id=\"Page-1\" stroke=\"none\" stroke-width=\"1\" fill-rule=\"evenodd\">\n                                                    <g id=\"icon-arrow-right\" transform=\"translate(8.221166, 8.108806) scale(1, -1) translate(-8.221166, -8.108806) translate(0.441166, 0.852471)\" stroke-width=\"2\">\n                                                        <path d=\"M7.9030343,-0.277179457 L15.659374,7.22282054 M15.5563543,6.75633 L0,6.75633 M15.8772737,6.05901676 L8.11728804,14.2716868\" id=\"Shape\"><\/path>\n                                                    <\/g>\n                                                <\/g>\n                                            <\/svg>\n                                        <\/i>\n                                    <\/a>\n\n                                <\/div>\n                            <\/div>\n\n                                                <div class=\"swiper-slide\">\n                                <div class=\"card-post card-post__second-version card-post__v4 card-page\">\n                                    <div>\n                                                                                    <a href=\"https:\/\/checkmarx.com\/resources\/\" class=\"card-post__bg\"><span class=\"bg-el\" style=\"background-image: url(https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/08\/3_emerging_trendss-scaled.webp);\"><\/span>\n                                            <\/a>\n                                                                                    <a href=\"https:\/\/checkmarx.com\/resources\/\" class=\"card-post__title\">Research Report<\/a>\n                                            <br>\n                                                                                <a href=\"https:\/\/checkmarx.com\/resources\/\" class=\"card-post__description\">3 Emerging Trends in Open-Source Software Malicious Packages<\/a>\n                                                                            <\/div>\n                                    <a href=\"https:\/\/checkmarx.com\/resources\/\" class=\"link-to-more\" target=\"_blank\">\n                                        Read Now                                        <i class=\"arrow-css\">\n                                            <svg width=\"18px\" height=\"17px\" viewbox=\"0 0 18 17\" version=\"1.1\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" xmlns:xlink=\"http:\/\/www.w3.org\/1999\/xlink\">\n                                                <g id=\"Page-1\" stroke=\"none\" stroke-width=\"1\" fill-rule=\"evenodd\">\n                                                    <g id=\"icon-arrow-right\" transform=\"translate(8.221166, 8.108806) scale(1, -1) translate(-8.221166, -8.108806) translate(0.441166, 0.852471)\" stroke-width=\"2\">\n                                                        <path d=\"M7.9030343,-0.277179457 L15.659374,7.22282054 M15.5563543,6.75633 L0,6.75633 M15.8772737,6.05901676 L8.11728804,14.2716868\" id=\"Shape\"><\/path>\n                                                    <\/g>\n                                                <\/g>\n                                            <\/svg>\n                                        <\/i>\n                                    <\/a>\n\n                                <\/div>\n                            <\/div>\n\n                                                <div class=\"swiper-slide\">\n                                <div class=\"card-post card-post__second-version card-post__v4 card-page\">\n                                    <div>\n                                                                                    <a href=\"https:\/\/checkmarx.com\/press-releases\/as-malicious-open-source-packages-proliferate-checkmarx-announces-supply-chain-threat-intelligence-for-faster-easier-identification-of-potential-threats\/\" class=\"card-post__bg\"><span class=\"bg-el\" style=\"background-image: url(https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/08\/generic_press_release-scaled.webp);\"><\/span>\n                                            <\/a>\n                                                                                    <a href=\"https:\/\/checkmarx.com\/press-releases\/as-malicious-open-source-packages-proliferate-checkmarx-announces-supply-chain-threat-intelligence-for-faster-easier-identification-of-potential-threats\/\" class=\"card-post__title\">Press Release<\/a>\n                                            <br>\n                                                                                <a href=\"https:\/\/checkmarx.com\/press-releases\/as-malicious-open-source-packages-proliferate-checkmarx-announces-supply-chain-threat-intelligence-for-faster-easier-identification-of-potential-threats\/\" class=\"card-post__description\">Checkmarx Announces Supply Chain Threat Intelligence for Faster, Easier Identification of Potential Threats <\/a>\n                                                                            <\/div>\n                                    <a href=\"https:\/\/checkmarx.com\/press-releases\/as-malicious-open-source-packages-proliferate-checkmarx-announces-supply-chain-threat-intelligence-for-faster-easier-identification-of-potential-threats\/\" class=\"link-to-more\" target=\"_blank\">\n                                        Read Now                                        <i class=\"arrow-css\">\n                                            <svg width=\"18px\" height=\"17px\" viewbox=\"0 0 18 17\" version=\"1.1\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" xmlns:xlink=\"http:\/\/www.w3.org\/1999\/xlink\">\n                                                <g id=\"Page-1\" stroke=\"none\" stroke-width=\"1\" fill-rule=\"evenodd\">\n                                                    <g id=\"icon-arrow-right\" transform=\"translate(8.221166, 8.108806) scale(1, -1) translate(-8.221166, -8.108806) translate(0.441166, 0.852471)\" stroke-width=\"2\">\n                                                        <path d=\"M7.9030343,-0.277179457 L15.659374,7.22282054 M15.5563543,6.75633 L0,6.75633 M15.8772737,6.05901676 L8.11728804,14.2716868\" id=\"Shape\"><\/path>\n                                                    <\/g>\n                                                <\/g>\n                                            <\/svg>\n                                        <\/i>\n                                    <\/a>\n\n                                <\/div>\n                            <\/div>\n\n                                    <\/div>\n                <span class=\"swiper-notification\" aria-live=\"assertive\" aria-atomic=\"true\"><\/span>\n            <\/div>\n            <\/div>\n<\/section>","protected":false},"excerpt":{"rendered":"","protected":false},"author":11,"featured_media":0,"parent":658,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"_acf_changed":true,"footnotes":""},"class_list":["post-96984","page","type-page","status-publish","hentry"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.1.1 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Malicious Software Packages Protection - Checkmarx<\/title>\n<meta name=\"description\" content=\"Secure your software supply chain from malicious packages. Discover how leading enterprises protect their apps. Learn more to secure your software today.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/checkmarx.com\/product\/malicious-packages\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Malicious Software Packages Protection - Checkmarx\" \/>\n<meta property=\"og:description\" content=\"Secure your software supply chain from malicious packages. Discover how leading enterprises protect their apps. Learn more to secure your software today.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/checkmarx.com\/product\/malicious-packages\/\" \/>\n<meta property=\"og:site_name\" content=\"Checkmarx\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/Checkmarx.Source.Code.Analysis\" \/>\n<meta property=\"article:modified_time\" content=\"2026-02-10T21:49:41+00:00\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:site\" content=\"@checkmarx\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/checkmarx.com\/product\/malicious-packages\/\",\"url\":\"https:\/\/checkmarx.com\/product\/malicious-packages\/\",\"name\":\"Malicious Software Packages Protection - Checkmarx\",\"isPartOf\":{\"@id\":\"https:\/\/checkmarx.com\/#website\"},\"datePublished\":\"2024-08-19T13:48:25+00:00\",\"dateModified\":\"2026-02-10T21:49:41+00:00\",\"description\":\"Secure your software supply chain from malicious packages. Discover how leading enterprises protect their apps. Learn more to secure your software today.\",\"breadcrumb\":{\"@id\":\"https:\/\/checkmarx.com\/product\/malicious-packages\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/checkmarx.com\/product\/malicious-packages\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/checkmarx.com\/product\/malicious-packages\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Platform\",\"item\":\"https:\/\/checkmarx.com\/product\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Malicious Package Protection\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/checkmarx.com\/#website\",\"url\":\"https:\/\/checkmarx.com\/\",\"name\":\"Checkmarx\",\"description\":\"The world runs on code. We secure it.\",\"publisher\":{\"@id\":\"https:\/\/checkmarx.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/checkmarx.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/checkmarx.com\/#organization\",\"name\":\"Checkmarx\",\"url\":\"https:\/\/checkmarx.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/checkmarx.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/02\/logo-dark.svg\",\"contentUrl\":\"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/02\/logo-dark.svg\",\"width\":1,\"height\":1,\"caption\":\"Checkmarx\"},\"image\":{\"@id\":\"https:\/\/checkmarx.com\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/Checkmarx.Source.Code.Analysis\",\"https:\/\/x.com\/checkmarx\",\"https:\/\/www.youtube.com\/user\/CheckmarxResearchLab\",\"https:\/\/www.linkedin.com\/company\/checkmarx\"]}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Malicious Software Packages Protection - Checkmarx","description":"Secure your software supply chain from malicious packages. Discover how leading enterprises protect their apps. Learn more to secure your software today.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/checkmarx.com\/product\/malicious-packages\/","og_locale":"en_US","og_type":"article","og_title":"Malicious Software Packages Protection - Checkmarx","og_description":"Secure your software supply chain from malicious packages. Discover how leading enterprises protect their apps. Learn more to secure your software today.","og_url":"https:\/\/checkmarx.com\/product\/malicious-packages\/","og_site_name":"Checkmarx","article_publisher":"https:\/\/www.facebook.com\/Checkmarx.Source.Code.Analysis","article_modified_time":"2026-02-10T21:49:41+00:00","twitter_card":"summary_large_image","twitter_site":"@checkmarx","schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/checkmarx.com\/product\/malicious-packages\/","url":"https:\/\/checkmarx.com\/product\/malicious-packages\/","name":"Malicious Software Packages Protection - Checkmarx","isPartOf":{"@id":"https:\/\/checkmarx.com\/#website"},"datePublished":"2024-08-19T13:48:25+00:00","dateModified":"2026-02-10T21:49:41+00:00","description":"Secure your software supply chain from malicious packages. Discover how leading enterprises protect their apps. Learn more to secure your software today.","breadcrumb":{"@id":"https:\/\/checkmarx.com\/product\/malicious-packages\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/checkmarx.com\/product\/malicious-packages\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/checkmarx.com\/product\/malicious-packages\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Platform","item":"https:\/\/checkmarx.com\/product\/"},{"@type":"ListItem","position":2,"name":"Malicious Package Protection"}]},{"@type":"WebSite","@id":"https:\/\/checkmarx.com\/#website","url":"https:\/\/checkmarx.com\/","name":"Checkmarx","description":"The world runs on code. We secure it.","publisher":{"@id":"https:\/\/checkmarx.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/checkmarx.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/checkmarx.com\/#organization","name":"Checkmarx","url":"https:\/\/checkmarx.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/checkmarx.com\/#\/schema\/logo\/image\/","url":"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/02\/logo-dark.svg","contentUrl":"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/02\/logo-dark.svg","width":1,"height":1,"caption":"Checkmarx"},"image":{"@id":"https:\/\/checkmarx.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/Checkmarx.Source.Code.Analysis","https:\/\/x.com\/checkmarx","https:\/\/www.youtube.com\/user\/CheckmarxResearchLab","https:\/\/www.linkedin.com\/company\/checkmarx"]}]}},"_links":{"self":[{"href":"https:\/\/checkmarx.com\/wp-json\/wp\/v2\/pages\/96984","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/checkmarx.com\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/checkmarx.com\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/checkmarx.com\/wp-json\/wp\/v2\/users\/11"}],"replies":[{"embeddable":true,"href":"https:\/\/checkmarx.com\/wp-json\/wp\/v2\/comments?post=96984"}],"version-history":[{"count":0,"href":"https:\/\/checkmarx.com\/wp-json\/wp\/v2\/pages\/96984\/revisions"}],"up":[{"embeddable":true,"href":"https:\/\/checkmarx.com\/wp-json\/wp\/v2\/pages\/658"}],"wp:attachment":[{"href":"https:\/\/checkmarx.com\/wp-json\/wp\/v2\/media?parent=96984"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}