Private/internal repositories limit package access to authorised clients and users, without sharing packages to the world. If you need internal software distribution mechanics, or if you want to support license-based software distribution, then private repositories facilitates these.
Malware scanning on every package at the point of upload helps to ensure that your ecosystem is free from malware and other potentially unsafe constructs. Watch this space for additional vulnerability management.
Granular Access Controls
Add granular access controls to your repositories and packages to give appropriate access to collaborators or teams within your organization. Need read-only access for junior developers or one single repository for contractors?