Socket
Proactive software supply chain security by detecting malicious OSS packages.

Socket Description
Socket is a software supply chain security company founded in 2021 by Feross Aboukhadijeh, a developer and security researcher with a background in the JavaScript/Node.js ecosystem. The company offers a developer-first platform designed to proactively detect and block malicious packages in open source dependencies before they reach production environments.

Rather than relying on reactive, signature-based vulnerability scanning, Socket analyzes the behavior of open source dependencies in real time. This approach is intended to catch both known threats and zero-day supply chain attacks — the company reports detecting over 100 zero-day attacks per week across its platform.

Socket integrates into developer workflows and supports multiple package ecosystems, including npm (JavaScript), as well as PHP and Composer (recently announced). The platform is positioned as a complement to existing developer tooling, with the goal of providing security coverage without disrupting engineering velocity.

The company serves organizations across industries including technology, media, healthcare, and finance. Its customer base includes enterprises seeking to reduce alert fatigue from traditional security tools and to prevent open source dependency compromises. Socket is backed by Andreessen Horowitz and other prominent investors, including founders and executives from Stripe, Figma, Okta, Twilio, and Palantir, among others.