Automatic security vulnerability scanning
24 x 7 runtime security monitoring
Comprehensive security and risk assessment
Open-source package manager for smart contracts.
The study analyzed 20,000 Rust packages and their dependencies to understand vulnerability propagation in the Cargo package ecosystem. Accurately calculating affected versions reduces false positives, and version ranges are not always reliable indicators. Challenges faced include a lack of security awareness and incentives for package maintainers. The study recommends improving package review mechanisms, providing incentives for security, and implementing security governance strategies to reduce the risk of software supply chain attacks.