Packages enter faster than security can review them
Developers and pipelines pull packages directly from public registries. That speed is useful, but it also means external code can enter trusted environments without a decision point.
Dependency Firewall
Your developers install code from the internet every day. Attackers know it.
Shai-Hulud and Miasma made the weak spot painfully clear: a software supply chain attack does not need to start at your firewall. It can start with an npm dependency your developers already trust.
Once that package is installed, the damage can move fast. Developer machines, CI/CD jobs, secrets and build environments can be touched before security teams even know which dependency opened the door.
NpmShield puts a dependency firewall in front of npm package intake, so your organisation can decide which packages are allowed in before external code reaches your builds.
stop risky packages before install
control developer and CI/CD intake
prove what entered your builds
Problem
Your builds trust public code by default.
Every npm install can introduce code from maintainers, mirrors and dependency chains your team did not directly review.
Attackers hide where teams look least
Compromised maintainers, malicious updates, typosquatting and nested dependencies work because most checks happen after the package has already been installed.
After-the-fact logs are not enough
When an incident starts in a dependency, teams need to know what was requested, who requested it and why it was allowed before the damage spread.
Why NpmShield
Stop malicious packages before they reach your builds.
NpmShield creates a controlled checkpoint between your teams and public registries so package traffic becomes visible, governed and enforceable.
Approve dependency intake before it reaches builds
NpmShield gives security and platform teams a control point in front of npm traffic, so risky packages can be blocked before installation.
See package usage by team, token and pipeline
Turn package requests into usable evidence: which dependency was requested, by which token, under which tenant and at what time.
Make the approved registry path enforceable
Separate local development from CI/CD, phase in policies gradually and give customers or auditors a clear package-control story.
1
Registry change
Start by routing npm traffic through NpmShield instead of directly to the public registry.
24/7
Controlled intake
Package requests pass through the same security-aware gateway before code enters your environment.
100%
Audit-ready visibility
Usage, tokens and package decisions become measurable per tenant, team or pipeline.
0
Blind trust
Reduce direct dependency pulls from the internet without an approved control layer.
Attack reality
One package can become an incident.
The earlier you control dependency intake, the less time you spend reconstructing what went wrong.
Day 0
A trusted-looking package enters the workflow
A developer or pipeline installs a dependency that appears legitimate, routine and safe. The package may have a familiar name, a normal version number and no obvious warning signs.
Day 1
Malicious behavior starts quietly
The compromised dependency executes during install or runtime while normal work continues. Secrets, build context or system details can be touched before anyone realizes the package should have been blocked.
Day 7
The SOC starts investigating
Suspicious build, endpoint or network behavior appears across connected systems. The team now has to correlate logs, tokens, package activity and pipeline events to understand where the incident started.
Day 30
The root cause points back to one dependency
The investigation traces the incident to external code that should never have entered the build. By this point, the problem is cleanup, audit evidence and proving the same path cannot be abused again.
Control point
NpmShield moves the decision before installation
Instead of asking which dependency caused the problem after the incident, you decide upfront which packages are allowed to enter developer machines and build pipelines.
Business value
Less exposure, clearer audits, stronger customer trust
NpmShield helps security and platform teams show that dependency intake is governed, measurable and aligned with real enforcement.
How it works
Simple setup. Strong control.
NpmShield fits into the workflow developers already use while giving the organisation a security checkpoint before npm packages are installed.
Route npm through NpmShield
Change the registry configuration so developer machines and CI/CD jobs request packages through the approved NpmShield endpoint.
Authenticate and evaluate each request
Every request is tied to a token, tenant and context. That gives you the basis for allow, block, review and audit decisions.
Let approved code continue
Allowed packages are delivered to the build. Risky or disallowed packages are stopped before they become an incident.
Registry example
What customers actually configure
For teams, adoption starts with a clear npm configuration change. For security, that change creates a measurable control path.
Project-level .npmrc
registry=https://www.npmshield.eu
//www.npmshield.eu/:_authToken=YOUR_TOKEN
Customer clarity
A control customers understand quickly
NpmShield is not another after-the-fact scanner. It is a gate in front of package intake, which makes the value concrete for CISOs, platform teams and auditors.
Pricing
Start with visibility. Scale into enforcement.
Begin by routing traffic and measuring package usage, then expand into stricter policies, approvals and customer-specific governance.
€99 per month
For teams that want immediate package visibility, tenant tokens and a controlled npm entry point.
€499 per month
For organisations that need stronger policy separation between developers, CI/CD and production delivery paths.
Custom pricing
For larger environments that need custom governance, retention, integrations, reporting and deployment support.
Why buyers care
Prevent dependency incidents instead of only investigating them
NpmShield reduces exposure by changing the moment of control: before install, before build execution and before external code spreads.
Operational benefit
Make dependency intake measurable
Requests, tokens, bandwidth and policy decisions can be tracked per tenant and over time, supporting both security governance and commercial reporting.
FAQ
Questions buyers ask before they trust a dependency gateway
Clear answers for security, platform and engineering leaders evaluating package-control before installation.
Practical questions about rollout, configuration and adoption.
Most pilots start by routing one team or one CI/CD workflow through NpmShield. That gives immediate visibility into package requests, token usage and the packages currently entering your builds.
Developers keep using npm. The key change is that package requests go through the approved NpmShield registry endpoint, where access can be logged, governed and blocked when needed.
Yes. A focused rollout is the preferred path: one team, one repository group or one pipeline class first, then expansion once behavior and performance are validated.
Yes. Separate tokens make it possible to distinguish developer laptops from automated build jobs and apply different review, blocking or reporting rules.
Your .npmrc points package requests to the NpmShield endpoint instead of directly to the public registry. From there, requests can be authenticated, logged and evaluated before packages are delivered.
Yes, but routing should be made explicit. Internal trusted package flows can remain separated from public dependency intake so security teams know which code path is governed by which control.
Most customers involve platform engineering, application security and CI/CD owners. Platform teams manage the developer workflow, while security defines the intake rules and evidence requirements.
A visibility-first pilot is often the right starting point. It lets teams understand real dependency behavior before turning on stricter blocking or review policies.
Once the first route is proven, add teams by issuing scoped tokens, updating registry configuration and applying policies that match each team or pipeline risk profile.
A strong pilot proves that package traffic no longer goes directly to public registries, that requests are attributable to tokens and that risky packages can be stopped before install.
Security questions about risk reduction and audit evidence.
NpmShield reduces uncontrolled dependency intake. It gives your organisation a decision point before npm packages and transitive dependencies enter developer machines or build environments.
After installation, the issue becomes investigation and containment. Before installation, you can still prevent risky external code from entering the trusted delivery path.
No. Scanners identify known issues in code and dependencies. NpmShield controls the intake path, so risky or unapproved packages can be stopped before they are installed.
You can show which package was requested, by which token, under which tenant and at what time. That turns dependency intake into evidence instead of assumptions.
Yes. Those attacks rely on package resolution being trusted too easily. A controlled gateway gives you a place to enforce package source, naming and approval rules before install.
The value is in controlling the package intake path, including the dependency chain that comes with the requested package. That is where attackers often hide code developers never asked for directly.
That depends on policy. A package can be blocked, reviewed or allowed with evidence, but the important point is that the decision happens before the package enters the build path.
It gives you a concrete answer to how third-party npm code is controlled: package intake is routed, authenticated, measured and governed before installation.
Yes. Blocking earlier reduces how far risky code can spread. When something suspicious happens, token and request history also make investigation more focused.
That is exactly why ongoing intake control matters. A package that was safe yesterday can become risky after an update, maintainer compromise or malicious dependency change.
Operational questions about reliability, scale and developer impact.
The goal is visible control without daily friction. Pilots should measure install speed, repeated package behavior and CI/CD performance before broader rollout.
Yes. Tenant-aware separation and token-based access are designed for environments where teams, business units or customers need separate visibility and control.
Measure package request volume, blocked or reviewed packages, token usage, install performance and whether any direct registry bypass paths still exist.
Approved requests continue to the build workflow. The difference is that the request is now authenticated, measurable and part of an enforceable control path.
CI/CD creates repeated and bursty package traffic. A serious pilot should test pipeline concurrency, repeated installs and build reliability under the expected workload.
Yes. Real environments request the same packages often. Efficient handling of known traffic is important so security control does not become a developer bottleneck.
Availability matters because dependency intake is part of the delivery path. Customers should define the desired failure behavior and align it with their security and uptime requirements.
Yes. Tenant-aware request logging supports reporting on package traffic, token usage and decisions per tenant, which is useful for governance and commercial reporting.
Usually no. The goal is to keep familiar npm workflows while moving the trust decision into a controlled registry path behind the scenes.
Watch install performance, request volume, blocked packages, token usage, bypass attempts and developer feedback. Together those signals show whether control is working without causing avoidable friction.
Enforcement questions about bypass paths and governance.
Any dependency control is strongest when policy, network rules and developer guidance support the approved path. NpmShield gives you the gateway; enforcement makes it the standard route.
Direct access to public registries outside the approved flow. During rollout, teams should identify and close those alternate intake paths.
No single control removes all risk. NpmShield focuses on a critical moment: deciding what external package code may enter before installation.
Customers increasingly ask how software suppliers control third-party code. NpmShield gives you a concrete answer: package intake is governed before it reaches builds.
Use a combination of policy, network controls, CI/CD configuration and developer guidance so the approved NpmShield route becomes the standard path for npm traffic.
Manual intake paths should be covered by policy. NpmShield controls the registry route, while governance defines what is allowed outside that route.
Yes. Vendoring can move code outside central package request logs. Customers should define when vendoring is allowed and how those dependencies are reviewed.
Exceptions should be explicit, time-bounded and attributable. The goal is not to block delivery blindly, but to make package risk decisions visible and accountable.
Yes. Tokens and tenant context make it possible to apply stricter rules to production pipelines while using a softer review model for early development.
You should be able to show that package requests use approved tokens, direct registry routes are closed or monitored and blocked packages never reached the build environment.
Next step
Stop trusting external code by default. Take control of your software supply chain today.
Start with a tenant, generate the first token and route package traffic through a controlled gateway.