Behavioural monitoring and security for CI/CD pipelines. is a behavioural analysis tool that plugs into your CI/CD pipeline and observes the behaviour of build/test workflows. It allows developers and security teams to flag malicious behaviour coming from open source software dependencies.

Some of the benefits are:

  • Deep visibility - observes actual execution behavior when code is run inside your environments, instead of relying on a static, top-level view and upstream heuristics as indicators of risk. This provides runtime context and reduces false positives. Read more about our runtime monitoring approach here.

  • Proactive threat detection - detects novel supply chain threats that are conditional, unknown and multi-stage, as seen in attacks like the SolarWinds, Codecov, PyTorch and XZ Utils incidents.

