Dependency Firewall

The Dependency Firewall features protect your organization from malicious code and attacks.

The Bytesafe Dependency Firewall creates a secure perimeter for your organization. It is a tool to enforce your defined business rules to turn an insecure software supply chain into a secure one. Blocking open source risk from ever entering your supply chain means preventing malicious packages from being used by your developers or CI/CD systems.

This improves the security of your organization and allows you to sleep better at night, knowing that malicious code vulnerabilities are not being introduced into production through open source package vulnerabilities.

graph TD
A(Public registries) --> |  Insecure packages | B{Firewall registry};
B --> | Secure packages | C[fa:fa-user Team];
B --> | Secure packages | D[fa:fa-user Team];
B --> | Secure packages | E[fa:fa-server CI/CD];
style B fill:#b91c1c,color:#fff

What is a Dependency Firewall?

The Dependency Firewall is a first line of defence against threats from malicious or vulnerable open source packages used in your organization. The firewall checks all new packages being downloaded to make sure they comply with your security and license compliance policies defined in Bytesafe.

The firewall protects you against attacks by stopping unauthorized dependencies from entering your environment. The Dependency Firewall provides an easy way to protect your organization and helps you avoid costly consequences.

The Dependency Firewall is designed for ease of use - you can be up and running within minutes (instead of spending weeks or even months recovering from an attack).

When to use the Dependency Firewall?

You are most likely interested in a Dependency Firewall if you would like to:

  • Have a way to centrally enforce business rules from a security and compliance perspective
  • Isolate packages with critical vulnerabilities or specific open source licenses by putting them into quarantine
  • Add a security delay before new packages are allowed in the organization
  • Avoid namespace confusion where your internal packages are replaced by public malicious ones

Firewall features

The firewall is a set of features and policies - protecting against different types of attacks.

Feature Use case Links
Vulnerability policy rules for Quarantine Quarantine packages based on vulnerability severity levels Quarantine configuration
Protect Internal packages Avoid dependency confusion attacks with a secure by default solution Internal packages
License Compliance policy rules for Quarantine Quarantine packages based on License Compliance policy License compliance Quarantine configuration
Security Delay Avoid installing newly release package versions Delay Upstreams

Get started by setting up your Firewall registry to protect your organizations.

Creating a firewall registry

Work with a firewall registry to centralize security