We started Socket with a simple but audacious goal: to safeguard the open source ecosystem for everyone. Today, that dream is a bit brighter—literally! Our logo is lighting up Times Square! Every great company is a conspiracy to change the world. Thank you to our many co-conspirators — our early customers, founding employees, investors, mentors, and the open source and security communities — we wouldn't be here without your support. We're just getting started.
Socket
Computer and Network Security
Socket is the #1 software supply chain security platform. Next-gen SCA + SBOM + 0-day prevention. LOVED BY DEVELOPERS.
About us
Socket is a cybersecurity platform that protects companies from software supply chain attacks. Companies use Socket to protect their software applications and critical services from malware and security threats originating in open source code.
- Website: https://socket.dev
- Industry: Computer and Network Security
- Company size: 51-200 employees
- Headquarters: San Francisco
- Type: Privately Held
- Founded: 2020
- Specialties: Software, Security, Software supply chain, Open source software, Application Security, Cybersecurity, and Software Composition Analysis (SCA)
Locations
- Primary: San Francisco, US
Updates
- 🌟 Oxlint is now in beta with 500+ built-in rules and 2X faster #JavaScript linting. Next up: custom plugin support and improved IDE integration: https://lnkd.in/gKXDWyqt
- 🚨 In case you missed it over the weekend: A GitHub Actions supply chain attack compromised the popular 'tj-actions/changed-files' action, potentially exposing secrets in CI/CD logs. Take immediate action to secure your workflows: https://lnkd.in/eTfg6KhQ #cybersecurity
- 🚨 Supply Chain Attack Alert for #Java Developers: A malicious Maven package, typosquatting the popular 'scribejava-core' OAuth library, exfiltrates credentials on the 15th of every month. 🗓️ https://lnkd.in/eR3cq9Y9 #CyberSecurity
- 🚀 Big news for npm users! Socket and Seal Security collaborated on resolving a critical 3-year-old npm overrides bug, and the fix just shipped in version 11.2.0. → https://lnkd.in/e_YDgzZM #NodeJS #JavaScript
- Socket reposted this
  Six malicious packages have been identified on npm (Node package manager) linked to the notorious North Korean hacking group Lazarus. ➡️ Learn more: https://lnkd.in/e66UJuZw
- 🚀 Big news for TypeScript! Microsoft is porting the TypeScript compiler to Go, delivering 10x faster builds, lower memory usage, and snappier editor performance. A huge leap forward for developers! https://lnkd.in/eV9JBN8M #golang #TypeScript
- 🚨 The Socket Research Team has uncovered 6 new malicious npm packages linked to North Korea’s #Lazarus Group. These packages steal credentials, extract crypto data, and deploy backdoors. Read the full report: https://lnkd.in/e8GTxze7 #NodeJS #cybersecurity #malware
- 🎧 Socket CEO Feross Aboukhadijeh joined @winklertim on The Pair Program podcast to talk about the open web, open source security, and how Socket is tackling supply chain attacks. Check out this fun episode. ↣ https://lnkd.in/egbrg8Pd hatchpad
- Big launch from the Opengrep team this week! This open source project has a lot of momentum. It is well organized and is establishing itself as a serious, sustainable alternative in the #SAST ecosystem, not just a reactive fork. Check out the new Opengrep Playground in alpha! https://lnkd.in/e4-sgYzU