February 2025 Edition of Kodem Kernels
This month, we introduced several enhancements that empower entire teams to simplify their application security processes, prioritize issues based on impact and remediate vulnerabilities with more precision. Our new features allow users to customize their code repository views, gain actionable insights into package behavior through runtime and function-level data, automate workflows and integrate security scanning into their development environment.
These updates reflect our commitment to delivering comprehensive and intuitive tools that streamline application security workflows and enable teams to manage projects with greater clarity and control.


Code Repository Configuration
The new Code Repository Configuration tab empowers all users to customize how data is viewed and managed, particularly for monorepos.
This feature empowers teams to:
- Configure monorepos into smaller projects for each manifest file and gain clear visibility into each repository's manifest files and folder tree, simplifying management.
- Manually correlate deployed images to projects for better results and control over your security practices, ensuring a comprehensive understanding of the code’s operational context.
- Achieve runtime indications at the repository level and benefit from more accurate fix suggestions, leveraging the new visibility from code to image.
- Exclude specific paths from scans for targeted scanning in any repository, optimizing scanning strategies and resource utilization.

Enhanced Runtime Evidence
The enhanced Runtime Evidence tab provides deeper insights into why issues are classified as runtime, enabling teams to prioritize vulnerabilities more effectively.
With this feature you can:
- Understand the runtime context of issues with detailed evidence, including executed processes, loaded files and functions with vulnerable components, eliminating guesswork about theoretical vs. actual risk.
- Observe instances across multiple environments and download recent observations with timestamped runtime evidence, including full execution context, container image and environment details.
- Validate vulnerability exploitation paths by tracking function calls in memory, allowing teams to prioritize fixes based on real runtime data.

Workflows & Webhooks
The new Workflows feature automates processes and reduces manual overhead, empowering teams to streamline their security operations.
With Workflows, you can:
- Set up resource-specific workflows tailored to your unique requirements, ensuring alignment with your organization's processes and policies.
- Define event-driven triggers to initiate workflows automatically, such as new or modified open-source issues and new code issues, enabling proactive issue management.
- Add granular control with conditions based on issue attributes like severity, score, EPSS, and runtime, allowing for targeted and efficient workflow execution.
- Integrate seamlessly with existing systems using webhooks, facilitating real-time notifications and collaboration with other tools and teams.
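To make the trigger-plus-conditions model concrete, here is an added illustration (not Kodem's code, schema or webhook format) of how an event-driven rule can combine severity, score, EPSS and runtime-evidence conditions and emit one webhook payload per match; all field names, rule names and the endpoint URL are assumptions.

```python
from dataclasses import dataclass
from typing import List

SEVERITY_RANK = {"low": 1, "medium": 2, "high": 3, "critical": 4}

# Field names are assumptions for this illustration, not Kodem's schema.
@dataclass
class Issue:
    id: str
    package: str
    event: str        # "new_issue" or "modified_issue"
    severity: str
    score: float      # CVSS base score
    epss: float       # EPSS exploitation probability, 0..1
    runtime: bool     # runtime evidence observed (file loaded / function executed)

@dataclass
class Rule:
    name: str
    events: frozenset          # event-driven trigger
    min_severity: str = "low"  # attribute conditions below
    min_score: float = 0.0
    min_epss: float = 0.0
    require_runtime: bool = False
    webhook_url: str = "https://example.invalid/hook"  # placeholder endpoint

    def matches(self, issue: Issue) -> bool:
        # The trigger event and every attribute condition must hold.
        return (issue.event in self.events
                and SEVERITY_RANK[issue.severity] >= SEVERITY_RANK[self.min_severity]
                and issue.score >= self.min_score
                and issue.epss >= self.min_epss
                and (issue.runtime or not self.require_runtime))

def webhook_payload(rule: Rule, issue: Issue) -> dict:
    # Body that would be POSTed to rule.webhook_url; the shape is illustrative.
    return {"workflow": rule.name, "url": rule.webhook_url, "issue_id": issue.id,
            "package": issue.package, "severity": issue.severity,
            "epss": issue.epss, "runtime": issue.runtime}

def run_workflows(rules: List[Rule], issues: List[Issue]) -> List[dict]:
    # Evaluate every rule against every issue; one payload per match.
    return [webhook_payload(r, i) for i in issues for r in rules if r.matches(i)]

# Constructed sample data: ISS-2 is critical on paper but never loaded at runtime.
SAMPLE_ISSUES = [
    Issue("ISS-1", "pkg-a", "new_issue", "critical", 9.8, 0.92, True),
    Issue("ISS-2", "pkg-b", "new_issue", "critical", 9.1, 0.01, False),
    Issue("ISS-3", "pkg-c", "modified_issue", "high", 7.5, 0.60, True),
]
RULES = [
    Rule("page-oncall", frozenset({"new_issue"}), "critical", 0.0, 0.5, True),
    Rule("open-ticket", frozenset({"new_issue", "modified_issue"}), "high", 0.0, 0.0, True),
]
```

Running `run_workflows(RULES, SAMPLE_ISSUES)` produces three payloads (two for ISS-1, one for ISS-3) and none for the theoretical-only ISS-2, which is the prioritization effect the runtime condition is meant to give.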
Blog written by
Gal Sapir
With six years of technical writing expertise in the SaaS industry, Gal specializes in translating complex technical concepts into clear API documentation, user guides, technical tutorials and product updates. Her collaborative approach with cross-functional teams ensures technical accuracy while delivering clear content that effectively communicates across diverse audiences.