Socket Joins Forces with Ecosystems to Strengthen Open Source Security

Socket partners with Ecosystems to build and maintain secure, resilient, and sustainable open source ecosystems.

Feross Aboukhadijeh

March 15, 2023

Socket is thrilled to announce our partnership with Ecosystems, an effort to build shared infrastructure for researchers, policymakers, funders, and developers seeking to identify, secure, and sustain critical open source components.

As Ecosystems' first commercial customer and financial supporter, Socket is committed to supporting the ongoing development and maintenance of this critical open source project.

Supporting a Secure and Sustainable Future

Socket's partnership with Ecosystems is a natural fit. Both organizations care deeply about improving the relationship between open source users and producers. This shared vision has brought us together to address some of the key challenges faced by the open source community, such as package security, funding, and project sustainability.

Thanks to Ecosystems, Socket's recently announced Python support is now even more robust. And with Ecosystems' standardized data, we can rapidly expand our support for other language ecosystems in the future.

We are honored to be the first partner and customer on this journey, and we look forward to working together to support the global open source community.

What is Socket?

Socket fights vulnerabilities and provides visibility, defense-in-depth, and proactive supply chain protection for JavaScript and Python dependencies.

The Socket platform enables security and developer teams to work together to securely use and maintain OSS within the organization. The company was built by prolific open source maintainers whose software is installed over 1 billion times per month, as well as a Stanford security instructor. Customers include top tech organizations and startups.

What is Ecosystems?

Ecosystems is a set of free and open resources about the production, distribution, and use of open source software. It comprises a structured dataset, released periodically for researchers, funders, and policymakers, and a set of tools and services for application developers. Ecosystems combines data on 6m+ open source components from over 30 package registries with over 100m dependent repositories on GitHub, GitLab, and BitBucket.

With this data they create a map of open source interdependency from which we can infer much about the state of the open source infrastructure on which we all depend.

Dive in

To learn more about Socket and how we can help you navigate the world of open source software, visit or book a demo with a technical expert on our team. If you're interested in utilizing Ecosystems for your research, policy decisions, funding program, or application, check out

Let's work together to create a safer, more sustainable open source future!
