# Malware Early Warning (MEW)

Cybersecurity solutions primarily focus on detecting and addressing known vulnerabilities such as Common Vulnerabilities and Exposures (CVEs) to combat malware.

While this approach provides a foundational level of security, it has significant limitations that can expose organizations to sophisticated attacks, including zero-day attacks.

{% hint style="info" %}
Relying on CVEs means these solutions primarily respond to known threats. New and unknown vulnerabilities can remain undetected until a CVE is published.
{% endhint %}

While organizations may believe they are protected by addressing all known CVEs, there is still a significant risk from unknown threats and advanced malware that exploit novel vulnerabilities. Comprehensive security measures are essential to safeguard against these sophisticated attacks.

According to the *2023 IBM X-Force Threat Intelligence Index*, 29% of security incidents involved malware that exploited unknown or zero-day vulnerabilities, underscoring the limitations of a solely CVE-focused approach.

In addition to SCA features (see [Open Source Security](/xygeni-products/open-source-security-oss/oss-user-interface-guide.md)), Xygeni offers a **Malware Early Warning (MEW)** Service designed to raise alerts for suspicious packages. This service proactively protects your software supply chain and supports the implementation of security gates to block malware threats before they infiltrate your application.

### Key Benefits of the Early Warning Service:

* **Proactive Malware Blocking**: Detect and block zero-day malware as soon as new packages are published, preventing malicious code from entering your development environment.
* **Immediate Notifications**: Receive real-time alerts through standard Xygeni mechanisms, enabling rapid response to mitigate risks.
* **Comprehensive Threat Review**: Security researchers review suspicious packages, and findings are confirmed with public registries to ensure accurate threat assessment. Our customers can review them in our Web UI.
* **Public Disclosure and Community Protection**: Confirmed threats are publicly disclosed to inform the wider community and prevent re-entry into the ecosystem.

<figure><img src="/files/PQWjAD0BWBDCCuvvSylc" alt=""><figcaption></figcaption></figure>


