Using Package Inspection to Prevent Supply Chain Attack Attacks

In addition to detecting supply chain risks when you scan a Project with the Checkmarx SCA scanner, Checkmarx provides the following tools for identifying suspicious packages before downloading the packages. We provide a Package Inspector utility for analyzing the packages in the cloud to verify package integrity before downloading them onto your PC, see Package Inspector.