Isn't this just checking packages against known CVEs, which wouldn't help for undiscovered or unannounced vulnerabilities? Let me know if I've misunderstood; I'm basing this off the documentation site.
Also I find the irony goes hard in their recommendation of installing another attack surface (brew) on Linux and missing the point.
I think they have a malware detection engine of their own, so not only do they help protect from known vulnerabilities / malware, but they also have their own database
their blog: https://safedep.io/dynamic-analysis-oss-package-at-scale/