First of the free tools is a comprehensive Semgrep and Opengrep ruleset that could be used in continuous integration and continuous deployment pipelines, which has yielded 94.3% and 88.4% accuracy in identifying nefarious code in PyPI and NPM packages, respectively.
New Apiiro tools show promise in malicious code detection
