Back to articles
From single pull requests to full software packages: Detecting malicious code at scale
Datadog | The Monitor blog

From single pull requests to full software packages: Detecting malicious code at scale

2 views

Summary

The article describes the expansion of BewAIre, an LLM-based security system, from analyzing pull requests to scanning entire dependency packages for malicious code. The updated system utilizes a two-stage pipeline consisting of an inexpensive "filter" phase for rapid screening, followed by an agentic investigation loop that uses high-powered models and external tools to deep-dive into suspicious flags. This approach significantly increased detection accuracy to 99.86% and eliminated false positives while maintaining operational efficiency and cost-effectiveness.
Read the Original Article

This article originally appeared on Datadog | The Monitor blog.

Read Full Article on Original Site

Popular from Datadog | The Monitor blog

1
Datadog LLM Observability natively supports OpenTelemetry GenAI Semantic Conventions
Datadog LLM Observability natively supports OpenTelemetry GenAI Semantic Conventions

Datadog | The Monitor blog Dec 1, 2025 95 views

2
Introducing Bits AI Dev Agent for Code Security
Introducing Bits AI Dev Agent for Code Security

Datadog | The Monitor blog Mar 26, 2026 77 views

3
Monitoring MongoDB performance metrics (MMAP)
Monitoring MongoDB performance metrics (MMAP)

Datadog | The Monitor blog May 25, 2016 70 views

4
Understand session replays faster with AI summaries and smart chapters
Understand session replays faster with AI summaries and smart chapters

Datadog | The Monitor blog Apr 2, 2026 69 views

5
Introducing ARFBench: A time series question-answering benchmark based on real incidents
Introducing ARFBench: A time series question-answering benchmark based on real incidents

Datadog | The Monitor blog Apr 24, 2026 65 views