Visual Studio Code extensions pose significant security risks due to their ability to execute arbitrary code and access system resources without limitations. ExtensionTotal is a tool designed to assess these risks by analyzing VSCode extensions deeply. It provides an API for organizations to automate this risk assessment, and its use is recommended through various configurations such as via MDM scripts, FleetDM + Tines integration, or by installing the ExtensionTotal extension on developer endpoints.
Table of contents
Using ExtensionTotal API through your MDMUsing FleetDM + TinesEnriching VSCode extension detection via Fleet + Tines with ExtensionTotalInstall ExtensionTotal On All Developer EndpointsOn-premises ExtensionTotalGetting Started with ExtensionTotalSort: