Developers love Socket

What do you do when an old friend builds an obviously great product and raises a medium-sized fortune from one of your mentors?

You tell everybody, of course.

Congrats Feross Aboukhadijeh and Zane on announcing to the world that you're working together. Have learned so much from both of you over the years. So proud to be an investor.

Socket is one of those products that you see and immediately know it is not only thinking about problems differently, but a taking completely new approach on carrying out the solution also. They're working towards empowering every developer to know exactly what is being introduced into their code when building while also managing the complexity in the full lifecycle of projects.

I'm blown away by what they've created so far, the caring team they've grown, and can't wait to see where they're going to go with this additional support. Congrats! Check them out!

https://socket.dev/

Big congrats to Socket on their Series A milestone! Their product provides our teams with the early touchpoints we need to ensure a greater level of open-source software security, and help our engineers ship with confidence.

Discover more about their impressive journey and what this achievement means for the industry on TechCrunch:

https://lnkd.in/gSqQsPSh

#oss #opensource #cybersecurity #seriesafunding

Too many developers and engineering teams do not take the dangers of packages seriously enough. Our Engineering and Security teams at JupiterOne use Socket every day for deep visibility into the packages that we are using and install. Socket provides a new level of confidence that we previously didn't have. If you're using JavaScript/TypeScript or Python, you should seriously consider checking out this product and the free tools that Socket offers. I hear that support for new ecosystems and languages is actively being worked on. 👀

Thank you for building this awesome product and for complimenting an awesome product with awesome swag!

#security #npm #nodejs #javascript #python

Congrats on launch @feross and team!!

How do you track the validity of open source software libraries as they get updated? You're prob not. Check out @SocketSecurity and the updated tooling they launched.

Supply chain is a cluster in security as we all know and the tools from Socket are "duh" type tools to be implementing. Check them out and follow Feross Aboukhadijeh to see more updates coming from them in the future.

Congrats to Feross Aboukhadijeh and the Socket team on the progress and capital raise to accelerate growth. Defending open source from supply chain attacks is key for the future of enterprise software and technological innovation!

Exciting work to improve OSS supply chain security by the exceedingly talented @feross 🙌🏼

Really excited for this! Congrats on the ship @feross

Socket is one of the most interesting approaches to supply chain security. If you are interested in the risks of malicious deps in oyur apps, I definitely recommend taking a look at Socket!@feross

If what you are building needs to be secure and you use open-source, socket is a must!

This is going to be super important, especially for crypto projects where a compromised dependency results in stolen user assets.

A brilliant initiative -- so, so needed.

Security is such an issue with our software supply chains.

I'm thrilled to see tools that can catch the issues, before they destroy our projects, or even the whole business.

Software supply-chain attacks are not talked about nearly enough. Socket is really cool and Feross gets this stuff better than anyone

Congrats to Feross Aboukhadijeh for launching Socket, a new effort to solve some of the biggest problems in security!

Congrats to @feross and the entire @SocketSecurity team for launching socket.dev! It's great to have such a talented team tackling the software supply chain problem for the JS ecosystem in a scalable way 👏

Love seeing efforts like this! Tooling around package management has such a big leverage on ecosystem quality but is worked on far too rarely.

Wow, this looks pretty incredible… and complete with snazzy js visualizations, ofc ✨✨✨

Congrats @feross ! Awesome to see @MikolaLysenko on the team as well. What a stacked group!

Super excited for this. Especially for suspicious package search that's an absolute game changer. Excited to switch @fig's package search for npm over to this!!

congrats on your launch!!

Congrats on the launch! Looks really cool.

The best hacker I know has decided to use his skills to… make a service that protects you from hackers

Buy buy buy

This is such a great idea & looks fantastic, congrats & good luck @feross + team!

CONGRATS Feross Aboukhadijeh and Socket on the huge milestone!!

Really inspired by seeing people in the JavaScript open source scene for years turn around and create companies. Thinking of @SocketSecurity and @vercel ❤️.

@feross was always the open-source expert @southpkcommons. Excited to see him and the team take on the challenge of securing that ecosystem!

glad to hear some of the smartest people i know are working on (npm, etc.) supply chain security finally :). @SocketSecurity

Congrats to Feross Aboukhadijeh and Socket on announcing their existence!

The NPM ecosystem is a horrible horrible place and I'm glad you're doing something about it.

The @SocketSecurity team is on fire! Amazing progress and I am exciting to see where they go next.

This is an area that I have personally been very focused on. As Nat Friedman said in the 2019 GitHub Universe keynote, Open Source won, and every time you add a new open source project you rely on someone else code and you rely on the people that build it.

This is both exciting and problematic. You are bringing real risk into your organization, and I'm excited to see progress in the industry from OpenSSF scorecards and package analyzers to the company that Feross Aboukhadijeh is building!

Congrats to everyone at @SocketSecurity ❤️🤘🏻

If software supply chain attacks through npm don't scare the shit out of you, you're not paying close enough attention.

@SocketSecurity sounds like an awesome product. I'll be using socket.dev instead of npmjs.org to browse npm packages going forward

Huge congrats to @SocketSecurity! 🙌

Literally the only product that proactively detects signs of JS compromised packages.

@SocketSecurity is great! Check it out if you use open source in your product.

My far-smarter-than-me former roommate just nabbed a great seed round – amazing @feross (and my far-smarter-than-me former colleague @zackwhittaker has the scoop)

Congrats, Feross. That's awesome! 🙌

A great win and a good testament for the much needed investment in supply chain security concerns around open source ecosystems. Also, more friends for me to collab with 😉

WAHOO! YES! Congrats @bcomnes, @feross, el al! So stoked for you! 🙌🚀🎉

This is super exciting news! Way to go Team Socket!!

Congrats @feross @SocketSecurity! Best service for preventing software #supplychainsecurity attacks we use it at @PassfolioApp

Congrats @feross on launching @SocketSecurity! Excited for how this solves a huge problem in securing open source supply chains. Check it out at producthunt.com/posts/socket-2

Super useful tech as usual by @feross! Congrats.

socket.dev is getting more appealing by the hour

I find it surprising that we don't have _more_ supply chain attacks in software:

Imagine your airplane (the code running) was assembled (deployed) daily, with parts (dependencies) from internet strangers. How long until you get a bad part?

Excited for Socket to prevent this

congrats to @SocketSecurity for raising! supply chain attacks are by far one of the hardest things to prevent.

Congrats to @feross and the @SocketSecurity team on their seed funding! 🚀 It's been a big help for us at @CoderHQ and we appreciate what y'all are doing!

Congratulations Feross and team!!!! ✨✨🚀🚀✨✨

Yeah babyyyy @SocketSecurity just raised a big seed round to continue working on the FOSS ecosystem security. Congrats @feross @jhiesey @alxhotel and team!

Congrats @feross and team!

We're using @SocketSecurity at @OndoFinance to help keep us safe!

Grateful to be supporting and working w @feross (for the 2nd time) and excited to see @SocketSecurity launch!

Trust the former @southpkcommons open source expert to protect your open source software!

Unsurprisingly great stuff from great people. Huge congrats to the team @SocketSecurity!

So awesome to see @SocketSecurity launch with a fresh approach! Excited to have supported the team from the early days.

heck yes this is awesome!!! Congrats team 🎉👏

Congrats to Socket and Feross Aboukhadijeh for raising Socket's $4.6M seed round! Ever since I started using JavaScript, I've been concerned about the risks of transitive dependencies. Socket provides free, and transparent, analysis of dependencies. Excited to see where Socket heads!

Seriously, if you're working on web3-related open-source software please consider using @SocketSecurity. Supply chain attacks are becoming a real issue, especially if your code handles millions of dollars in value.

Btw. they just raised some money 🤑

Congrats to Socket on their launch! Feross Aboukhadijeh and the team are building incredibly cool tech to keep software safe from bad actors and I can think of few founders with as much drive and passion for what they do. [...]

Congrats!