Phylum
Phylum is a company that offers a comprehensive software supply chain security platform, providing automated security solutions, risk analysis, and support for multiple programming languages and package managers.
Services
Phylum offers a software supply chain security platform that automates software supply chain security processes. The platform contextualizes risks and blocks attacks while ensuring the use of trusted open-source code. Phylum’s services are designed to prevent threats before they reach the developer's workstation through analysis across five domains. Additionally, Phylum provides a threat feed of open-source malware available via annual subscription.
Products
Phylum provides various products to cater to different user needs. Their offerings include a free plan for individual developers, a Teams plan for security visibility and influence, and an Enterprise plan for custom requirements. The free plan supports a single user and up to 5 projects with features like full Phylum language coverage and risk scoring. The Teams plan supports up to 350 users with enhanced features including event logs and custom policies. The Enterprise plan provides for 350+ users with options for SaaS or on-premise deployment and custom integrations.
Supported Programming Languages and Package Managers
Phylum supports a variety of programming languages and package managers to cover a broad spectrum of development needs. These include JavaScript/TypeScript via npm, Python via PyPI, Ruby via RubyGems, Java via Maven, C#/.NET via NuGet, Rust, and Go. This extensive support ensures that developers can secure their software supply chains regardless of their preferred toolsets.
Partnerships
Phylum has established partnerships with various organizations to strengthen software supply chain security defenses. These partnerships are framed around providing correlated and contextual risk analysis combined with trusted tools. Some of Phylum’s notable partners include GitHub, GitLab, Bitbucket, Azure DevOps, Dazz, Sophos, Tines, and AWS Marketplace.
Mission
Phylum’s mission is to secure the universe of code. The company is driven by a team of career security researchers and developers who have decades of experience in both the U.S. Intelligence community and the commercial sector. This collective expertise is leveraged to create advanced solutions that aim to protect software supply chains from end to end.