> For the complete documentation index, see [llms.txt](https://docs.xygeni.io/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.xygeni.io/xygeni-products/open-source-security-oss/malware-early-warning-mew.md).

# Malware Early Warning (MEW)

Cybersecurity solutions primarily focus on detecting and addressing known vulnerabilities such as Common Vulnerabilities and Exposures (CVEs) to combat malware.

While this approach provides a foundational level of security, it has significant limitations that can expose organizations to sophisticated zero-day attacks among others.

{% hint style="info" %}
Relying on CVEs means these solutions primarily respond to known threats. New and unknown vulnerabilities, can remain undetected until a CVE is published.
{% endhint %}

While organizations may believe they are protected by addressing all known CVEs, there is still a significant risk from unknown threats and advanced malware that exploit novel vulnerabilities. Comprehensive security measures are essential to safeguard against these sophisticated attacks.

According to the *2023 IBM X-Force Threat Intelligence Index*, 29% of security incidents involved malware that exploited unknown or zero-day vulnerabilities, underscoring the limitations of a solely CVE-focused approach.

In addition to SCA features (see [Open Source Security](/xygeni-products/open-source-security-oss/oss-user-interface-guide.md)), Xygeni offers a **Malware Early Warning (MEW)** Service designed to raise alerts for suspicious packages. This service proactively protects your software supply chain and supports the implementation of security gates to block malware threats before they infiltrate your application.

### Key Benefits of the Early Warning Service:

* **Proactive Malware Blocking**: Detect and block zero-day malware as soon as new packages are published, preventing malicious code from entering your development environment.
* **Immediate Notifications**: Receive real-time alerts through standard Xygeni mechanisms, enabling rapid response to mitigate risks.
* **Comprehensive Threat Review**: Security researchers review suspicious packages, and findings are confirmed with public registries to ensure accurate threat assessment. Our customers can review them in our Web UI.
* **Public Disclosure and Community Protection**: Confirmed threats are publicly disclosed to inform the wider community and prevent re-entry into the ecosystem.

<figure><img src="/files/PQWjAD0BWBDCCuvvSylc" alt=""><figcaption></figcaption></figure>


---

# Agent Instructions
This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com.

## Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter, and the optional `goal` query parameter:

```
GET https://docs.xygeni.io/xygeni-products/open-source-security-oss/malware-early-warning-mew.md?ask=<question>&goal=<endgoal>
```

`ask` is the immediate question: it should be specific, self-contained, and written in natural language.
`goal` is optional and describes the broader end goal you are ultimately trying to accomplish on behalf of the user. GitBook uses it to tailor the answer towards what is most useful for that goal.

The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.