Business Wire

Veracode Acquires Phylum, Inc. Technology to Transform Software Supply Chain Security


Technology Acquisition Delivers Automated Malicious Package Analysis, Detection, and Mitigation in Open-source Code

Veracode, a global leader in application risk management, today announced it has acquired certain assets of Phylum, Inc., including its malicious package analysis, detection, and mitigation technology. The acquisition enhances Veracode’s ability to identify and block malicious code in open-source libraries, marking continued investment in its software supply chain risk management capabilities. This gives customers a more comprehensive view of risks associated with open-source code usage, strengthening their defenses against emerging threats.

This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20250106967344/en/


Veracode acquires technology from Phylum, Inc. (Graphic: Business Wire)

With software supply chain attacks projected to triple in cost from $46 billion in 2023 to $138 billion by 2031¹, safeguarding against these risks is now mission-critical for organizations. Through Phylum’s innovative technology, Veracode empowers customers to proactively prevent attacks by identifying and blocking malicious packages and vulnerabilities in real time. The addition of a package management firewall and an unmatched malicious package database further strengthens Veracode’s ability to mitigate emerging software threats before they impact customers.

Ravi Iyer, Chief Product Officer at Veracode, said, “This acquisition advances Veracode’s mission to be the most comprehensive application risk management platform by significantly expanding our ability to identify, mitigate, and remediate risks across the software supply chain. With Phylum’s unmatched database and cutting-edge research—proven to detect 60 percent more malicious packages than any other vendor—our customers will gain the confidence to innovate faster, knowing their software is protected against evolving threats.”

Veracode Prevents, Detects and Fixes Malicious Packages

Malicious packages have become a prevalent attack vector in the software supply chain, capable of infecting networks, stealing sensitive information, and enabling remote code execution. Identifying and mitigating these threats is now a critical component of any robust software composition analysis (SCA) solution. Effective tools must go beyond detection to quarantine and block suspicious packages in real time.

With Phylum’s fully automated malicious code analysis pipeline, Veracode significantly shortens the window of opportunity for attackers. Newly published packages are analyzed within seconds, helping customers proactively prevent attacks. Phylum’s recent research identified nearly half a million malicious packages, including 2,500 targeted malware campaigns aimed at industries like finance and cryptocurrency, demonstrating the scale and sophistication of these threats.

“Uniting Veracode’s platform and Phylum’s malicious package detection and mitigation technology creates exceptional value for our customers worldwide,” said Aaron Bray, CEO & Co-founder of Phylum, Inc. “By combining our advanced research capabilities with Veracode’s industry-leading platform, we’re expanding the fight against software supply chain threats. Together, we will deliver even greater protection and peace of mind to organizations navigating an increasingly complex threat landscape, and we are excited to join the team.”

Phylum’s technology, including its malicious package database and package management firewall, will be integrated into Veracode’s SCA product, with general availability expected early this year. The acquisition also bolsters Veracode’s renowned security research team with Phylum’s experts, further elevating the company’s ability to protect customers from evolving threats.

For more information about the acquisition and software supply chain security, contact the Veracode team.

1 Gartner Inc., “Leader’s Guide to Software Supply Chain Security”, June 20, 2024

About Veracode

Veracode is a global leader in Application Risk Management for the AI era. Powered by trillions of lines of code scans and a proprietary AI-assisted remediation engine, the Veracode platform is trusted by organizations worldwide to build and maintain secure software from code creation to cloud deployment. Thousands of the world’s leading development and security teams use Veracode every second of every day to get accurate, actionable visibility of exploitable risk, achieve real-time vulnerability remediation, and reduce their security debt at scale. Veracode is a multi-award-winning company offering capabilities to secure the entire software development life cycle, including Veracode Fix, Static Analysis, Dynamic Analysis, Software Composition Analysis, Container Security, Application Security Posture Management, and Penetration Testing.

Learn more at www.veracode.com, on the Veracode blog, and on LinkedIn and X.

Copyright © 2025 Veracode, Inc. All rights reserved. Veracode is a registered trademark of Veracode, Inc. in the United States and may be registered in certain other jurisdictions. All other product names, brands or logos belong to their respective holders. All other trademarks cited herein are property of their respective owners.

View source version on businesswire.com: https://www.businesswire.com/news/home/20250106967344/en/
