Primary buyers Enterprise DevSecOps teams — 500+ developers, multiple CI/CD pipelines, already using Splunk for SIEM. Direct pain: can't see what their pipelines install at runtime Financial services security teams — regulated environments where a single supply chain breach triggers regulatory fines. DORA (EU) and PCI DSS v4 both require CI/CD monitoring SaaS companies with large open source footprint — GitHub-native, 100+ microservices, npm/PyPI-heavy. Most don't have runtime package monitoring Secondary buyers MSSPs managing Splunk for mid-market clients who can't afford dedicated AppSec tooling US federal contractors under EO 14028 SBOM compliance pressure
(Real incidents):- Lazarus Group npm campaign (March 2025) — malicious npm packages with 5-stage payload: dropper → credential theft → crypto wallet drain → persistent backdoor. Downloaded multiple times before removal Codecov breach (2021) — CI/CD script compromise undetected for 3 months; hundreds of organizations leaked API keys and tokens automatically Shai-Hulud worm (Sept 2025) — first self-replicating registry-native worm. Infected 500+ npm packages, compromised 25,000 GitHub repos. Entire attack occurred inside CI/CD installs
Built With
- agents
- ai
- amazon-web-services
- d3.js
- guardrials
- llm
- nvedia
- observability
- react
- splunk
- vercel
Log in or sign up for Devpost to join the conversation.