
Malicious package detection

Detect and avoid malware

OpenText Core SCA distinguishes between standard security vulnerabilities and the presence of malicious packages, treating the latter as a direct indicator of system compromise. While a typical vulnerability is defined as an unintentional flaw or weakness that could be exploited, malware represents an active, intentional attempt to run unauthorized code within your software.

To provide comprehensive coverage against these threats, OpenText Core SCA pulls data from the osv.dev database to identify and highlight known malicious findings. These findings are surfaced within the repository view, where you can see detailed information regarding the threat and the dependencies involved. You can proactively manage these risks by creating specific Automation Rules focused on malware detection. For instance, you can configure a rule to fail a pipeline immediately or trigger a webhook to notify your security operations center the moment a compromised package is identified. This layer of defense is essential for mitigating modern supply chain attacks such as typosquatting, where attackers inject malicious code into packages with names similar to popular libraries.

By treating malicious package detection as a unique category of risk rather than a subset of vulnerabilities, OpenText Core SCA ensures that your team can react with the appropriate urgency when a compromise is detected.
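The separation described above, worked through on osv.dev data as an added example (this is illustrative code, not OpenText Core SCA's own implementation): it builds a request body for the osv.dev query API, splits a response into malicious-package findings and ordinary vulnerabilities using the `MAL-` id prefix that osv.dev assigns to malicious-package advisories, and derives a pass/fail verdict the way a pipeline automation rule would. The sample response, `example-pkg`, and the advisory ids in it are constructed.

```python
"""Triage osv.dev findings into malware vs ordinary vulnerabilities.

Added example, not OpenText Core SCA code. Assumes the osv.dev query
endpoint (POST https://api.osv.dev/v1/query) and the convention that
malicious-package advisories carry ids prefixed "MAL-".
"""
import json

OSV_QUERY_URL = "https://api.osv.dev/v1/query"


def build_query(name: str, ecosystem: str, version: str) -> dict:
    """Request body for the osv.dev query endpoint (sent as JSON via POST)."""
    return {"package": {"name": name, "ecosystem": ecosystem}, "version": version}


def is_malware(advisory: dict) -> bool:
    """An advisory is a malware finding if its id or any alias starts with 'MAL-'."""
    ids = [advisory.get("id", "")] + advisory.get("aliases", [])
    return any(i.startswith("MAL-") for i in ids)


def triage(response: dict) -> dict:
    """Split a query response into malware findings and ordinary vulnerabilities."""
    malware, vulns = [], []
    for adv in response.get("vulns", []):
        (malware if is_malware(adv) else vulns).append(adv["id"])
    return {"malware": malware, "vulnerabilities": vulns}


def pipeline_verdict(response: dict, block_on_vulns: bool = False) -> str:
    """Mirror an automation rule: malware always fails the build,
    ordinary vulnerabilities fail it only when the rule is configured to."""
    found = triage(response)
    if found["malware"]:
        return "FAIL"
    if found["vulnerabilities"] and block_on_vulns:
        return "FAIL"
    return "PASS"


# Constructed sample response; the advisory ids are placeholders, not real entries.
SAMPLE_RESPONSE = json.loads("""{"vulns": [
  {"id": "MAL-0000-0001", "summary": "Malicious code in example-pkg (npm)", "aliases": []},
  {"id": "GHSA-xxxx-xxxx-xxxx", "summary": "Prototype pollution",
   "aliases": ["CVE-0000-00000"]}
]}""")

if __name__ == "__main__":
    print(json.dumps(build_query("example-pkg", "npm", "1.2.3")))
    print(triage(SAMPLE_RESPONSE), pipeline_verdict(SAMPLE_RESPONSE))
```

To run it against live data, POST the output of `build_query` as JSON to `OSV_QUERY_URL` and pass the decoded response to `pipeline_verdict`.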
