Developer devices are increasingly targeted by supply chain attacks, yet traditional EDR and MDM tools are blind to npm installs, VS Code extensions, browser plugins, and MCP servers. Aikido is launching Endpoint Protection, a security layer that sits on developer machines to monitor and block malicious packages across registries (npm, PyPI), IDE extensions, browser extensions, and AI tools. It builds on their open source Safe Chain proxy and Aikido Intel threat intelligence engine, which now analyzes 100,000+ suspicious projects per day. Key features include pre-install malware blocking, minimum package age enforcement, ecosystem lockdowns, and approval workflows. npm and PyPI protection is free; advanced policy controls require a paid subscription.
Table of contents
The new endpoint: developer devicesThe status quo doesn't workIntroducing Aikido Endpoint ProtectionBuilt on open foundationsGet started (yes, there’s a free tier)Build fearlesslySort: