About WhiteSource Diffend
WhiteSource Diffend was created to help protect open source users against software supply chain attacks, and has already proven itself to be extremely effective at detecting and blocking attempts at malicious exploits. WhiteSource Diffend has already detected and reported hundreds of malicious packages, which were swiftly removed from their registry to protect open source users from accidentally installing malicious code.
In a nutshell, here is how WhiteSource Diffend works:
Scans new open source releases immediately, performing dozens of tests to assess the likelihood that the package/release is malicious.
In April 2021, WhiteSource announced the acquisition of diffend.io to add software supply chain risk mitigation capabilities to its current application security offering.