TYSONS, Va., Feb. 11, 2026 (GLOBE NEWSWIRE) — CodeHunter, the behavioral malware analysis and threat intelligence company, today announced the next phase of its platform evolution, expanding its behavioral intent technology beyond traditional malware analysis to address supply chain risk and security decision-making across the software development lifecycle (SDLC).
According to a recent Gartner® report, “software supply chains transcend organizational boundaries and consist of external entities in addition to internal systems.” Gartner also warns that “improper artifact integrity validation allows attackers to poison the software delivery pipeline and compromise the software being delivered”1.
Originally built to overcome the limitations of signature-based malware detection, CodeHunter has focused from the outset on analyzing what software does, not just what it looks like. As automation, AI-generated malware, and complex software supply chains reshape attacker techniques, the company is aligning its platform to enable earlier, more reliable trust decisions across the complete software estate organizations build, acquire, and run.
“Malware has changed, but so has how software enters the enterprise, with organizations now moving enormous volumes of runnable artifacts through CI/CD pipelines at machine speed,” said Chris O’Ferrell, CEO of CodeHunter. “This next phase for CodeHunter is about extending behavioral intent analysis upstream, so teams can prevent malicious or policy-violating software from executing in the first place, not just detect it after a compromise.”
Establishing Internal and External Software Trust
CodeHunter’s platform analyzes inbound, internally developed, and third-party software artifacts using proprietary control-flow and behavioral analysis, automating the reverse engineering of malware, combined with curated rule sets and dynamic sandbox observations. The result is a Behavioral Intent Profile (BIP), a deterministic, explainable record of how an artifact is expected to behave and whether that behavior introduces security, operational, or compliance risk.
Operationally, CodeHunter delivers a static verdict within minutes while running dynamic analysis in parallel, allowing teams to make fast decisions without relying solely on detonation windows or known-bad indicators.
For example, a signed binary produced during a build or obtained from a trusted source can be evaluated before promotion to identify unexpected network activity, privilege escalation, or system modifications that violate policy, despite the artifact appearing benign and properly signed.
CodeHunter’s BIPs can now be applied consistently across CI/CD pipelines, security operations, and production environments, enabling organizations to enforce policy decisions, such as allow, block, quarantine, or review, before software executes or propagates.
Rather than replacing existing security tools, CodeHunter operates as an out-of-band analysis layer, integrating through APIs, connectors, and artifact submission workflows. Verdicts and behavioral context are returned directly into the tools teams already use, including CI/CD systems, SIEMs, SOAR and EDR platforms.
Deterministic Decisions for AI-Driven Threats
While AI assists with malware discovery and improves analyst efficiency, CodeHunter’s enforcement decisions are intentionally deterministic and explainable, providing the consistency and auditability required for enterprise governance, compliance, and risk management.
This approach addresses a growing challenge for security leaders: as AI-generated and rapidly mutating artifacts evade static indicators and sandboxing, organizations must assess behavior and intent earlier, before software is allowed to run.
A Platform Built for AI Malware
With a renewed focus and a proven behavioral foundation, CodeHunter is positioning itself as a critical decision layer in modern security architectures, bridging malware analysis, software supply chain defense, and operational governance. As part of this next phase, CodeHunter is:
- Advancing its behavioral analysis engine to support high-volume, CI/CD-driven environments
- Expanding coverage across software supply chain and SDLC workflows
- Strengthening enterprise readiness with improved governance, traceability, and operational controls
Gartner Attribution and Disclaimer
1Gartner, Market Guide for Software Supply Chain Security, Manjunath Bhat, Aaron Lord, Jason Gross, April 7,2025
GARTNER is a trademark of Gartner, Inc. and/or its affiliates.
Gartner does not endorse any vendor, product or service depicted in its research publications and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s business and technology insights organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
About CodeHunter
CodeHunter is the behavioral malware analysis and threat intelligence company. Founded in 2021, with roots in U.S. government research labs, CodeHunter helps organizations assess software trust across endpoints, cloud workloads, and development pipelines by determining what software does before it executes, not just what it looks like. This deterministic intent analysis approach prevents malicious or policy-violating code from running, strengthens software supply chain defenses, and makes consistent, explainable trust decisions that integrate with existing security and development workflows. For more information, visit www.codehunter.com and follow us on LinkedIn.
Media Contact:
Marc Gendron
Marc Gendron PR for CodeHunter
[email protected]
+1 617 877 7480
A photo accompanying this announcement is available at https://www.globenewswire.com/NewsRoom/AttachmentNg/11273990-84a4-4f80-bf5f-d27584a25b11
