Malware Early Warning (MEW)
Last updated
Last updated
Cybersecurity solutions primarily focus on detecting and addressing known vulnerabilities such as Common Vulnerabilities and Exposures (CVEs) to combat malware.
While this approach provides a foundational level of security, it has significant limitations that can expose organizations to sophisticated zero-day attacks among others.
While organizations may believe they are protected by addressing all known CVEs, there is still a significant risk from unknown threats and advanced malware that exploit novel vulnerabilities. Comprehensive security measures are essential to safeguard against these sophisticated attacks.
According to the 2023 IBM X-Force Threat Intelligence Index, 29% of security incidents involved malware that exploited unknown or zero-day vulnerabilities, underscoring the limitations of a solely CVE-focused approach.
In addition to SCA features (see ), Xygeni offers a Malware Early Warning (MEW) Service designed to raise alerts for suspicious packages. This service proactively protects your software supply chain and supports the implementation of security gates to block malware threats before they infiltrate your application.
Proactive Malware Blocking: Detect and block zero-day malware as soon as new packages are published, preventing malicious code from entering your development environment.
Immediate Notifications: Receive real-time alerts through standard Xygeni mechanisms, enabling rapid response to mitigate risks.
Comprehensive Threat Review: Security researchers review suspicious packages, and findings are confirmed with public registries to ensure accurate threat assessment. Our customers can review them in our Web UI.
Public Disclosure and Community Protection: Confirmed threats are publicly disclosed to inform the wider community and prevent re-entry into the ecosystem.