Phylum Reviews

Phylum Description

Phylum is a security-as-code platform that gives security and risk teams more visibility into the code development lifecycle, and the ability to enforce security policy without disrupting innovation. Phylum analyzes open-source software packages as they are published and contextualizes the risks, protecting developers and applications at the perimeter of the open-source ecosystem and the tools used to build source code. The platform can be deployed on endpoints or plug directly into CI/CD pipelines so organizations experience seamless, always-on defense at the earliest stages of a build.

Pricing

Free Version:

Yes

Integrations

API:

Yes, Phylum has an API

View Integrations

Reviews

Total

ease

features

design

support

No User Reviews. Be the first to provide a review:

Write a Review

Company Details

Company:

Phylum

Year Founded:

2020

Website:

phylum.io

Update This Listing

Media

Product Details

Platforms

SaaS

Windows

Mac

Linux

Type of Training

Documentation

Live Online

Videos

Customer Support

Phone Support

Online

Phylum Features and Options

Software Composition Analysis (SCA) Tool

Application Security Software

Analytics / Reporting

Open Source Component Monitoring

Source Code Analysis

Third-Party Tools Integration

Training Resources

Vulnerability Detection

Vulnerability Remediation

DevOps Software

Approval Workflow

Dashboard

KPIs

Policy Management

Portfolio Management

Prioritization

Release Management

Timeline Management

Troubleshooting Reports

Cyber Risk Management Software

Software Bill of Materials (SBOM) Tool

Phylum Lists

Software Supply Chain Security

Compare Phylum Against Alternatives

vs.

Revenera SCA

Take control of your open-source software management. Your organization can manage open source software (OSS), and third-party components. FlexNet Code Insight assists development, legal, and security teams to reduce open-source security risk and ensure license compliance using an end-to-end...

Compare
vs.

Mend.io

Mend.io (formerly WhiteSource), the leading solution for agile open-source security and license compliance management, integrates with DevOps pipeline in real time to detect vulnerable open-source libraries. It offers policy automation and remediation paths to speed up the time-to-fix. It...

Compare
vs.

JFrog Xray

DevSecOps Next Generation - Securing Your Binaries. Identify security flaws and license violations early in development and block builds that have security issues before deployment. Automated and continuous auditing and governance of software artifacts throughout the software development cycle,...

Compare
vs.

Xygeni

Protect the integrity and security of your software assets, pipelines and infrastructure of the entire Software Supply Chain. Xygeni platform protects the integrity and security of our customers’ software ecosystem throughout the entire SDLC. Our platform enables systematic risk assessment,...

Compare
vs.

SCANOSS

SCANOSS believes that now is the right time to reinvent Software Composition Analysis. With a goal of "start left" and a focus on the foundation of reliable SCA (the SBOM), An SBOM that is easy to use and does not require a large army of auditors. SCANOSS offers an SBOM that is 'always-on'....

Compare
vs.

NTT Application Security

The NTT Application Security Platform offers all the services necessary to protect the entire software development cycle. We help organizations reap the benefits of digital transformation without worrying about security. Be smart about application security. Our application security technology is...

Compare
vs.

Kiuwan Code Security

Security Solutions for Your DevOps Process Automate scanning your code to find and fix vulnerabilities. Kiuwan Code Security is compliant with the strictest security standards, such OWASP or CWE. It integrates with top DevOps tools and covers all important languages. Static application...

Compare
vs.

Backslash Security

Ensure the security and integrity of your code. Identify externally accessible data flows and vulnerabilities to effectively mitigate risk. By identifying the real attack paths that lead to reachable code we allow you to fix only code and open source software that are in use and reachable. Avoid...

Compare

Similar Software

Mend.io

Mend.io (formerly WhiteSource), the leading solution for agile open-source security and license compliance management, integrates with DevOps pipeline in real time to detect vulnerable open-source libraries. It offers policy automation and remediation paths to speed up the time-to-fix. It...

View Software
Xygeni

Protect the integrity and security of your software assets, pipelines and infrastructure of the entire Software Supply Chain. Xygeni platform protects the integrity and security of our customers’ software ecosystem throughout the entire SDLC. Our platform enables systematic risk assessment,...

View Software
JFrog Xray

DevSecOps Next Generation - Securing Your Binaries. Identify security flaws and license violations early in development and block builds that have security issues before deployment. Automated and continuous auditing and governance of software artifacts throughout the software development cycle,...

View Software
Revenera SCA

Take control of your open-source software management. Your organization can manage open source software (OSS), and third-party components. FlexNet Code Insight assists development, legal, and security teams to reduce open-source security risk and ensure license compliance using an end-to-end...

View Software