
Introducing StepSecurity Threat Intelligence: Real-Time Supply Chain Attack Alerts for Your SIEM

StepSecurity has launched Threat Intelligence, a real-time supply chain attack alerting system designed for seamless SIEM and SOC integration. Unlike generic vulnerability feeds, it delivers actionable intelligence within minutes of compromise, cutting MTTD and MTTR from days to minutes. Powered by the same detection systems that uncovered the tj-actions and nx compromises, it provides proven early-warning capabilities.
Varun Sharma

September 18, 2025


Supply chain attacks are projected to cost organizations $60 billion globally in 2025—a 30% increase from 2023.

Today, we're excited to announce the launch of StepSecurity Threat Intelligence, a comprehensive solution that delivers real-time alerts about supply chain attacks and compromised packages directly to your existing security infrastructure.

Meeting You Where You Are: SIEM-Ready Intelligence

Over the past six months, we've kept our customers informed about critical compromises—including the tj-actions and nx incidents—through our support Slack channels and email alerts. While our rapid response has been invaluable, we heard one consistent piece of feedback: organizations need threat intelligence delivered in a way that integrates seamlessly with their SIEM and SOC solutions.

Today's launch directly addresses this need.

Real Intelligence, Not Just Alerts

StepSecurity Threat Intelligence transforms how your organization responds to supply chain threats by delivering actionable intelligence exactly how your security team needs it:

Seamless SIEM Integration

  • No new integrations to configure—uses your existing StepSecurity AWS S3 and webhook setup
  • Automatic ingestion into your SIEM for correlation with other security events
  • Instantly triggers SOC on-call teams to investigate incidents as they happen
  • Dramatically reduces MTTD and MTTR for supply chain attacks—from days to minutes

Intelligence That's Actually Actionable

  • Detection within minutes of compromise, not after the damage is done
  • Context-rich alerts with specific remediation steps for your environment
  • Continuous real-time updates as threats evolve
  • Standardized alerts that fit your existing SOC workflows and playbooks

Proven Detection Capabilities

  • The same systems that discovered tj-actions, nx, and the 20-package npm attacks
  • First-to-detect track record validated by CISA and major media outlets
  • Battle-tested across thousands of organizations worldwide

Unlike generic vulnerability feeds that report issues days or weeks later, you're getting proactive threat intelligence that enables immediate response—turning potential breaches into contained incidents.

Threat Center: Your Command Center for Supply Chain Security

In addition to SIEM integration, we're introducing the Threat Center within the StepSecurity dashboard. This dedicated hub provides:

  • Comprehensive details about active supply chain compromises
  • Historical threat data and patterns
  • Actionable remediation guidance
  • Direct links to our detailed threat analysis

Figure: Threat Center

Proven Track Record in Threat Detection

StepSecurity has consistently been at the forefront of supply chain security:

  • We were first to report the tj-actions/changed-files compromise, alerting the community before widespread damage could occur
  • We published the first detailed technical analysis of the nx compromise, providing crucial insights that helped organizations understand and respond to the threat
  • Our threat research has been cited by CISA and major media outlets, establishing StepSecurity as a trusted source for supply chain security intelligence
  • Thousands of organizations worldwide rely on our analysis to protect their software supply chains

Our automated monitoring systems scan npm, GitHub Actions, and other critical ecosystems 24/7. We update our published analyses in real time as new threats emerge, making our blog posts the go-to resource during active incidents. This same detection infrastructure now feeds directly into StepSecurity Threat Intelligence, giving your organization our battle-tested early-warning capabilities.

Why This Matters Now

Supply chain attacks are accelerating in both frequency and sophistication. Bad actors increasingly target the dependencies and tools developers trust most. The window between compromise and exploitation continues to shrink, making real-time, actionable intelligence critical for defense.

With StepSecurity Threat Intelligence, you're not just getting alerts—you're getting the industry's most comprehensive supply chain security intelligence delivered exactly how your security team needs it.

Getting Started

For existing StepSecurity customers:

  • Threat Intelligence is now available through your existing AWS S3 and webhook integrations
  • Visit the new Threat Center in your dashboard to explore current and historical threat data
  • See exactly what a detection event looks like in your SIEM

For organizations not yet using StepSecurity:

  • Learn more about our comprehensive approach to supply chain security

Looking Ahead

This launch represents our commitment to not just detecting threats but ensuring that intelligence reaches the right teams in the right format at the right time. As supply chain attacks evolve, so will our threat intelligence capabilities.
