Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
__s
4 days ago
|
parent
|
context
|
favorite
| on:
Shai-Hulud Returns: Over 300 NPM Packages Infected
There are companies like Helix Guard scanning registries. They advertise static analysis / LLM analysis, but honeypot instances can also install packages & detect certain files like cloud configs being accessed
Yokohiii
4 days ago
[–]
But relying on the goodwill of commercial sec vendors is it's own infrastructure risk.
reply
limagnolia
4 days ago
|
parent
|
next
[–]
So don't rely on their goodwill? Instead, pay them, under a contract.. or do it yourself.
reply
perlgeek
4 days ago
|
parent
|
prev
[–]
You can also pay a commercial sec vendor if you don't want to rely on their goodwill.
reply
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
