Feross Aboukhadijeh demos the Socket platform, a software security tool that prevents dangerous packages from ending up in your software projects.

00:00 - Start
00:34 - Quick description
01:22 - How Socket is different from traditional Software Composition Analysis tools
04:31 - Tracking SBOMs over time
06:29 - Detecting risks
09:25 - Interventions: block, warn, monitor
11:07 - Blocking a developer
12:23 - Dependency overview
17:44 - Security alert — typosquatting
19:48 - Recent attacks detected
30:23 - Licence analysis
31:35 - Preventing use of dangerous packages

Find Socket at https://socket.dev/