Sweet Security now offers first-of-its-kind, runtime-backed package reputation checks for cloud-native organizations.

TEL AVIV, Israel, Jan. 08, 2025 (GLOBE NEWSWIRE) — Sweet Security, a leading provider of Cloud Native Detection and Response solutions, is proud to announce the integration of Illustria’s zero-day detection capabilities for open-source software. This new partnership introduces a cutting-edge Package Reputation feature into Sweet Security’s comprehensive Vulnerability Management suite, fully backed by runtime.

Package Reputation is an essential capability for organizations seeking to secure their software supply chain. By analyzing the reputations of open-source packages, Sweet Security provides a comprehensive view of potential risks, highlighting suspicious packages, malicious maintainers, and abnormal behaviors. This proactive risk assessment allows users to address potential threats before a package becomes vulnerable and poses a significant attack vector, such as Typosquatting, Dependency Confusion, and Starjacking, all common attack vectors that adversaries leverage.

“High-profile attacks like the recent XZ Utils exploit, where vulnerabilities in widely used open-source packages were targeted, underscore the importance of our new Package Reputation feature,” said Orel Ben-Ishay, VP of R&D at Sweet Security. “The integration of Illustria’s detection technology into Sweet Security offers cloud-native organizations an additional layer of protection against the growing risks posed by unvetted and compromised dependencies. With this proactive approach, we can help our customers detect and neutralize threats earlier in the software development lifecycle—before they turn into full-scale attacks.”

This partnership not only strengthens Sweet Security’s ability to prevent supply chain attacks but also enhances the overall ability to detect and respond to threats from open-source components. By incorporating Illustria’s zero-day detection into Sweet’s platform, users benefit from a unique combination of real-time monitoring, runtime risk indicators (such as executed and loaded vulnerabilities), and third-party package reputation—empowering them to stay one step ahead of increasingly sophisticated threats targeting the software supply chain.

“We are excited to join forces with Sweet Security,” said Idan Wiener, CEO and Co-founder of Illustria. “This partnership aligns with our vision of offering proactive security solutions that not only address known vulnerabilities but also tackle emerging threats in the software supply chain. Combining our strengths enables us to deliver unprecedented protection to our customers, ensuring their applications are safeguarded at every stage of the development process.”

About Sweet Security

Specializing in Cloud Native Detection and Response, Sweet Security protects cloud environments in real-time. Founded by the IDF’s former CISO, Sweet’s solution unifies threat insights from cloud applications, workloads, and infrastructure. Leveraging a lean, eBPF-based sensor and deep behavioral analysis, Sweet analyzes anomalies, generating vital insights on incidents, vulnerabilities, and non-human identities. Its GenAI-infused technology cuts through the noise and delivers actionable recommendations on critical, real-time cloud risks. Privately funded, Sweet is backed by Evolution Equity Partners, Munich Re Ventures, Glilot Capital Partners, CyberArk Ventures, and an elite group of angel investors. For more information, please visit http://sweet.security.

About Illustria

Illustria aims to promote responsible use of open source by preventing software supply chain attacks in the development lifecycle. By bridging the gap between security teams and engineering, Illustria helps you keep your applications secure throughout their lifecycle. To experience the benefits of Illustria’s solution, schedule a demo today at https://illustria.io and safeguard against supply chain attacks.

Media Contact

Noa Glumcher

VP of Marketing at Sweet Security

noag@sweet.security

A photo accompanying this announcement is available at https://www.globenewswire.com/NewsRoom/AttachmentNg/afa4fae4-ce93-4de0-abfa-26abdfeaf74d