Package Firewall

Block malicious packages before they’re installed

Block vulnerable and malicious packages, enforce policies, and control what developers install—across package managers, registries, and CI pipelines.

Terminal window showing Endor Labs Security Scan results: lodash, express, and react packages installed; colors package blocked due to malicious code detected.

Block risky packages before they hit the workstation

Intercept packages in real time
Detect and block policy-violating packages in real time using public and proprietary intelligence and rapid analysis pipelines.
Built for enterprise environments
Seamlessly integrate with package managers and artifact registries to roll out protection across the enterprise. No developer friction, no process changes, with centralized policy enforcement from day one.
Full visibility for AppSec
See every blocked download—what was blocked, why, and who requested it.
Endor Labs delivered on its promise to make SCA way more efficient and bubble up what actually matters much quicker.
Idan Fast
Co-Founder & CTO, Grip Security

Continuously detect and respond to risky packages

Real-time detection
Scan for and identify malicious and vulnerable packages in real time across ecosystems.
Real-time ecosystem coverage
Scan every new package published to npm, PyPI, Maven, NuGet, and more. Catch threats like typosquatting, dependency confusion, and compromised maintainers before they reach your developers.
Multi-signal detection
Analyze packages using a broad set of independent signals, from code and metadata to behavior and reputation. This layered approach catches both known threats and novel attack patterns that bypass single-method detection.
AI-powered detection
Combine signals into a single, confidence-scored assessment. Clearly malicious packages are blocked automatically, while ambiguous cases are surfaced for review, reducing both false positives and missed threats.
Terminal window showing a malware detection blocking a download request for the package com.google.guava version 32.1.2 in the Maven build process.
Endor Labs software interface showing the Runtime Policies tab with settings for Malware blocking, Licenses tracking and warnings, and Cooldown period enabled.
Policy-based protection
Build the rules that match your organization's risk tolerance.
Configurable policy control
Define what to block or allow using configurable policies. Customize for vulnerable or malicious packages, non-compliant licenses, newly published packages, or any risk signal relevant to your organization.
Deploy without disruption
Integrate directly with the package manager or artifact managers like JFrog, Nexus, and AWS CodeArtifact. No developer workflow changes, no friction, and immediate protection across all ecosystems.
Invisible to developers
Protection runs in the background—when developers run npm install or pip install, requests are evaluated in real time against your policies. Safe packages flow through, risky ones are blocked or flagged, all without changing tools or workflows.
Visibility into package activity
Every blocked download is logged, searchable, and reportable.
Event log
See date, package, version, ecosystem, policy triggered, and whether the download was blocked—across every integration in one view.
Search and filter
Check whether a specific package was ever blocked, or pull a report of the top blocked packages and the top blocking reasons.
Telemetry
Track request volume and block counts over the last 24 hours, 7 days, and 30 days—per integration, at a glance.
Dashboard showing security vulnerability findings with severity levels Critical, High, Medium, and Low, listing CVE-2025-13836 and CVE-2023-34152 issues in debian/libpython packages, with filters for exceptions, category, remediation, and options for fix availability and dependency reachability.

See Package Firewall in action

FAQs

Will this slow down our developers?

Package Firewall sits between your artifact repository and the public registry—developers don't change how they work.

Can we block packages that aren't confirmed malware?

Yes. You can create policies based on package age, license type, and download count—not just malware classification. This lets you enforce your own risk standards beyond what's publicly known to be malicious.
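To make the policy model concrete, here is an added example (not Endor Labs code, and not the product's real schema) of how a download proxy can evaluate a request against rules of the kind described on this page: a malware verdict, a cooldown on newly published versions, a license allow-list and a download-count threshold. It also shows the 403 response a directly connected client would see and the event-log row (date, package, version, ecosystem, policy, blocked) that the visibility section lists. All field names, verdict labels, policy knobs and sample packages are constructed for the illustration.

```python
"""Policy-driven package gate, written as an illustrative example (not Endor Labs code).
Everything here is constructed: the metadata fields, the verdict labels
("clean" / "suspicious" / "malicious"), the policy knobs and the sample packages."""
from collections import Counter
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from typing import Optional


@dataclass(frozen=True)
class PackageMeta:
    ecosystem: str       # "npm", "pypi", "maven", ...
    name: str
    version: str
    published: datetime  # timezone-aware publish time of this version
    license: str         # SPDX identifier
    downloads: int       # weekly download count (constructed signal)
    verdict: str         # malware classifier output (constructed labels)


@dataclass(frozen=True)
class Policy:
    block_malicious: bool = True
    flag_suspicious: bool = True
    cooldown_days: int = 0                      # block versions younger than this
    allowed_licenses: frozenset = frozenset()   # empty = no license rule
    min_downloads: int = 0                      # flag (not block) below this


@dataclass(frozen=True)
class Decision:
    action: str   # "allow" | "block" | "flag"
    policy: str   # rule that fired, or "none"


def evaluate(pkg: PackageMeta, policy: Policy, now: Optional[datetime] = None) -> Decision:
    """Blocking rules run first so a malicious package is never merely flagged."""
    now = now or datetime.now(timezone.utc)
    if policy.block_malicious and pkg.verdict == "malicious":
        return Decision("block", "malware")
    if policy.cooldown_days and pkg.published > now - timedelta(days=policy.cooldown_days):
        return Decision("block", "cooldown")
    if policy.allowed_licenses and pkg.license not in policy.allowed_licenses:
        return Decision("block", "license")
    if policy.flag_suspicious and pkg.verdict == "suspicious":
        return Decision("flag", "malware-review")
    if policy.min_downloads and pkg.downloads < policy.min_downloads:
        return Decision("flag", "low-adoption")
    return Decision("allow", "none")


def http_response(pkg: PackageMeta, decision: Decision) -> tuple:
    """Proxy answer: 403 with an explicit reason on block, otherwise pass-through."""
    if decision.action == "block":
        return 403, f"{pkg.ecosystem}:{pkg.name}@{pkg.version} blocked by policy '{decision.policy}'"
    return 200, "OK"


def log_event(pkg: PackageMeta, decision: Decision, when: datetime, integration: str) -> dict:
    """One event-log row: what was requested, which rule fired, and whether it was blocked."""
    return {"date": when.isoformat(), "package": pkg.name, "version": pkg.version,
            "ecosystem": pkg.ecosystem, "policy": decision.policy,
            "blocked": decision.action == "block", "integration": integration}


def top_block_reasons(events: list) -> list:
    """Aggregate blocked events by the policy that fired, most frequent first."""
    return Counter(e["policy"] for e in events if e["blocked"]).most_common()


NOW = datetime(2025, 6, 1, tzinfo=timezone.utc)  # fixed clock keeps the demo deterministic
POLICY = Policy(cooldown_days=7,
                allowed_licenses=frozenset({"MIT", "Apache-2.0", "BSD-3-Clause"}),
                min_downloads=1000)

# Constructed sample traffic; verdicts, versions and counts are invented for the example.
SAMPLE = [
    PackageMeta("npm", "lodash", "4.17.21", NOW - timedelta(days=900), "MIT", 50_000_000, "clean"),
    PackageMeta("npm", "colors", "1.0.0", NOW - timedelta(days=30), "MIT", 1_000_000, "malicious"),
    PackageMeta("pypi", "fresh-util", "0.0.1", NOW - timedelta(days=2), "MIT", 12, "clean"),
    PackageMeta("maven", "org.example:gpl-lib", "2.0.0", NOW - timedelta(days=400), "GPL-3.0-only", 5_000, "clean"),
    PackageMeta("npm", "odd-helper", "3.1.0", NOW - timedelta(days=200), "Apache-2.0", 80_000, "suspicious"),
    PackageMeta("pypi", "tiny-tool", "1.2.0", NOW - timedelta(days=60), "BSD-3-Clause", 300, "clean"),
]


def run_demo() -> list:
    """Evaluate every sample request and return the resulting event-log rows."""
    return [log_event(p, evaluate(p, POLICY, NOW), NOW, "artifactory-proxy") for p in SAMPLE]


if __name__ == "__main__":
    for pkg, row in zip(SAMPLE, run_demo()):
        status, msg = http_response(pkg, evaluate(pkg, POLICY, NOW))
        print(f"{status} {pkg.name:<22} policy={row['policy']:<14} {msg}")
    print("top block reasons:", top_block_reasons(run_demo()))
```

The rule order matters: a package that is both newly published and classified malicious is logged under the malware rule, which is the reason a reviewer wants to see first. Note also that the 403 is what the proxy emits; as the FAQ below explains, a registry sitting in front of the proxy may surface it to the developer as a 404.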

What does a blocked developer see?

When connected directly to the firewall, they see an HTTP 403 Forbidden error with a clear message; when going through some registries (like Artifactory), that 403 may appear as a 404 Not Found in the CLI.

Does it work with our existing artifact repository?

Yes. Package Firewall integrates with JFrog Artifactory today, with support for Nexus and AWS CodeArtifact coming soon. Private packages are fetched from your artifact repository; public packages are checked through the proxy.

Is Package Firewall available now?

Package Firewall is available today. Teams can request access or book a demo to get started.

Secure everything your code depends on