We started Socket with a simple but audacious goal: to safeguard the open source ecosystem for everyone. Today, that dream is a bit brighter—literally! Our logo is lighting up Times Square! Every great company is a conspiracy to change the world. Thank you to our many co-conspirators — our early customers, founding employees, investors, mentors, and the open source and security communities — we wouldn't be here without your support. We're just getting started.
Socket
Computer and Network Security
Secure your supply chain. Ship with confidence.
About us
Socket is a cybersecurity platform that protects companies from software supply chain attacks. Companies use Socket to protect their software applications and critical services from malware and security threats originating in open source code.
- Website: https://socket.dev
- Industry: Computer and Network Security
- Company size: 11-50 employees
- Headquarters: San Francisco
- Type: Privately Held
- Founded: 2020
- Specialties: Software, Security, Software supply chain, Open source software, Application Security, Cybersecurity, and Software Composition Analysis (SCA)
Locations
- Primary: San Francisco, US
Updates
- Another deep dive into one of Socket’s alerts: Learn how to mitigate the supply chain risks of using open source packages containing dependencies that resolve to a remote git URL. https://lnkd.in/eE9BCytz #OSS
- 🎉 Exciting news today: Node.js has added experimental support for TypeScript with the new --experimental-strip-types flag. https://lnkd.in/eh8fe5gg #NodeJS #TypeScript
- 🚀 Exciting news! We've just launched our Product Changelog! We’re rolling out new features, improvements, and fixes every day. Stay in the loop with all the latest updates: https://lnkd.in/ex9UMdnj
- On the Risky Business podcast, Feross Aboukhadijeh explains how Socket catches malicious packages in real-time across major open source package registries: https://lnkd.in/ep8iDBpm #CyberSecurity #OSS
- Why traditional vulnerability tracking falls short in open source software ecosystems: Feross Aboukhadijeh breaks down the complex landscape of supply chain threats, from protestware to state-sponsored backdoors. This is why we need to look beyond CVEs to secure our dependencies. https://lnkd.in/ep8iDBpm #OSS
- 🎙 Beyond Malware: The Surprising Ways Developers Abuse Open Source Package Registries - Check out Tom Uren's interview with Feross Aboukhadijeh on the Risky Business podcast: https://lnkd.in/ep8iDBpm
- Socket reposted this:
  🔥 In the latest Risky Biz episode, I discussed the limitations of the National Vulnerability Database (NVD) in addressing the risks of using open source packages. 🤯 Socket detects OVER 100 supply chain attacks PER WEEK in npm, PyPI, Maven, & Go. cc Patrick Gray Tom Uren https://lnkd.in/gg8SMWJt
- 🎙️ New Risky Business podcast: Socket CEO Feross Aboukhadijeh discusses why the NVD falls short on modern open source risks. We're detecting ~100 supply chain attacks per week and this episode dives into the diverse range of threats we see in malicious packages. https://lnkd.in/ep8iDBpm
- Come meet the Socket team at BlackHat and DEF CON! We're sponsoring some fun networking events and we would love to connect. Space is extremely limited, but if your schedule permits, please join us! https://lnkd.in/eu5dUbU9