Blog

Follow for the latest updates and insights on
open source security & engineering.

Malware Security Announcements AI Engineering Technology Open Source SCA Compliance & SBOM CI/CD

Gryph: Audit Trail for AI Coding Agents

AI coding agents operate with broad access to your codebase, credentials, and shell. Gryph logs every action they take to a local SQLite database, making agent behavior visible, queryable, and...

Shadow AI Discovery: Find Every AI Tool and SDK in Your Stack

AI tools and SDKs are spreading across developer environments faster than security teams can track. vet discovers agents, MCP servers, extensions, and AI SDK usage in code. Open source, local, one...

Integrate SafeDep MCP in GitHub Agentic Workflow

Learn how to integrate SafeDep MCP with GitHub Agentic Workflows to automatically evaluate the security posture of OSS dependencies in your pull requests using AI.

Malicious npm Packages Target Schedaero via Dependency Confusion

A detailed analysis of a dependency confusion supply chain attack likely targeting Schedaero, a leading aviation software company. We dissect the payload, the exfiltration mechanism, and the...

Previous Next

Ship Code.

Not Malware.

Start free with open source tools on your machine. Scale to a unified platform for your organization.

Star on GitHub Book a Demo