Impressed at @SocketSecurity launch. Their tool keeps your app safe even in the worst case scenario of an active supply chain attack in an NPM package.
Before node_modules was just a huge black hole... in my heart. It's still a black hole, but I at least know what kind of shenanigans my open source pals are up to in there.
Awesome product. Awesome customers. Awesome team. We've deployed Socket to our whole GitHub organization – love their product + take on supply chain security for us/the world!
We love using Socket to protect Wormhole. Detecting supply chain attacks by analyzing dependency behavior is such a refreshingly obvious idea once you see it in action.