We started Socket with a simple but audacious goal: to safeguard the open source ecosystem for everyone. Today, that dream is a bit brighter—literally! Our logo is lighting up Times Square! Every great company is a conspiracy to change the world. Thank you to our many co-conspirators — our early customers, founding employees, investors, mentors, and the open source and security communities — we wouldn't be here without your support. We're just getting started.
Socket
Computer and Network Security
Socket is the #1 software supply chain security platform. Next-gen SCA + SBOM + 0-day prevention. LOVED BY DEVELOPERS.
About us
Socket is a cybersecurity platform that protects companies from software supply chain attacks. Companies use Socket to protect their software applications and critical services from malware and security threats originating in open source code.
- Website
-
https://socket.dev
External link for Socket
- Industry
- Computer and Network Security
- Company size
- 11-50 employees
- Headquarters
- San Francisco
- Type
- Privately Held
- Founded
- 2020
- Specialties
- Software, Security, Software supply chain, Open source software, Application Security, Cybersecurity, and Software Composition Analysis (SCA)
Locations
-
Primary
San Francisco, US
Employees at Socket
Updates
-
🚨 Another example of typosquatters lurking in #PyPI: A malicious #Python package is impersonating a popular browser cookie library to steal passwords, screenshots, webcam images, and Discord tokens. https://lnkd.in/eJNgvXQb #CyberSecurity
-
🦕 Deno 2 was released this week: “Deno’s goal is not to become a Node clone in Rust or a drop-in replacement. Our aim is to level up JavaScript, moving beyond 2010-era CommonJS and narrowing the gap between server-side and browser environments in a way that developers can adopt practically. We refuse to accept that JavaScript must remain a tangle of mismatched tooling and endless layers of transpilation, unable to evolve.” - Deno https://lnkd.in/eNVKdjQb
Deno 2 Improves Compatibility with Node.js and npm, Expands ...
socket.dev
-
💔 The Internet Archive's "Wayback Machine" has been hacked and defaced, with 31 millions records compromised. https://lnkd.in/euaU5gWr
Internet Archive Hacked, 31 Million Record Compromised - Soc...
socket.dev
-
🌟 TC39 is meeting in Tokyo this week and they have approved nearly a dozen proposals to advance to the next stages. Here are the key features we're watching: https://lnkd.in/eu5GbB_G #JavaScript TC39
TC39 Advances 10+ ECMAScript Proposals: Key Features to Watc...
socket.dev
-
🎃 Nightmares on #npm: Our threat research team breaks down a recent sampling of malicious packages. One of them contains obfuscated code that deletes every file on the system 1hr after the package is installed. ☠️ https://lnkd.in/eKr8s5NY #JavaScript
Nightmares on npm: How Two Malicious Packages Facilitate Dat...
socket.dev
-
🚫💰 White House #Cybersecurity Advisor calls for an end to insurance companies covering reimbursement of #ransomware payments: https://lnkd.in/e5ni5vpr
White House Cybersecurity Advisor Calls for Ban on Using Ins...
socket.dev
-
💎 Did you know that the Socket Web Extension supports inspecting #Ruby gems? (in addition to npm, PyPI, Go, and Maven packages?) We just rolled out a bunch of UI improvements and bug fixes. Check out the changelog update! https://lnkd.in/eXwcFZCK #rails
-
“Linting languages other than JavaScript has been on the ESLint roadmap for a while, so it’s exciting to reach this milestone. Our long-term goal is to ensure that ESLint can lint any kind of file you might use in a web project, whether that be with officially supported language plugins or with community-written plugins. With JavaScript, JSON, and Markdown, we’re already well on our way towards achieving that goal.” - Nicholas C. Zakas https://lnkd.in/eSP4Zzbe #JavaScript #JSON #markdown
ESLint is Now Language-Agnostic: Linting JSON, Markdown, and...
socket.dev
-
🚨 A new investigation from our threat research team: Members Hub is a fraudulent service using a multi-component system designed to artificially boost #Discord server metrics and manipulate the platform. The system includes a main client for managing operations, a token management module, and several activity simulation scripts. These components work together to control multiple Discord accounts simultaneously, simulating user activity to inflate server engagement metrics. https://lnkd.in/eC3KAjNz #CyberSecurity
Unveiling Members Hub: A Large-Scale Campaign to Artificially Boost Discord Server Metrics - Socket
socket.dev