VARNISH ARTIFACT FIREWALL

Control which packages reach your developers, pipelines, and agents.

A vendor-neutral firewall that adds runtime enforcement without locking you into a backend platform. Artifact Firewall sits in front of the registries and repository managers you already run, enforcing policy the moment a package is requested across npm, PyPI, Maven, and NuGet, blocking known threats from OSV intelligence and quarantining the unknown.

Talk to our team

VAF Header Product Image

Signed, verified, and still dangerous

Modern builds are assembled from thousands of external packages, pulled by developers, CI/CD pipelines, Kubernetes clusters, and AI agents. Attackers have stopped bypassing trust controls and started abusing them: compromised maintainer accounts, poisoned pipelines, and typosquats now ship through the expected, signed release path.

Threat Graphic 01 Trusted Path

Trusted paths are now the attack surface

Compromised accounts and poisoned pipelines publish malicious versions through the expected, signed release path.

Threat Graphic 02 Detection Lag

Scanners react after the pull

SCA and vulnerability tools inspect dependencies that have already been downloaded, often too late to stop the spread.

Threat Graphic 03 Distributed

Distributed clients pull continuously

Developers, CI runners, clusters, and AI agents fetch packages constantly, which is hard to govern from a central repository.

Why Artifact Firewall

Most supply-chain tools watch from the side. Artifact Firewall sits in the path

 

The most innovative engineering teams already run Varnish in the delivery path, where the Virtual Registry reverse proxies, routes, and caches artifacts at internet scale. Artifact Firewall extends that in-path position to your software supply chain, evaluating every package and version the moment it is requested and allowing, denying, or hiding it before it is served. Where other tools sit beside the flow and flag a risk only after the fetch, Artifact Firewall enforces in the path itself, staying distributed and vendor-neutral while complementing the scanning tools you already run.

 

The difference is position.

 

Tools beside the path can warn you. A control point in the path can stop the fetch.

 

VARNISH ARTIFACT FIREWALL

In the request path

01

Dependency requested

02

Policy evaluated [Control Point]

03

Allow / deny / hide

04

Approved artifact served

✓ Enforced before it spreads

Artifact Firewall gates access by time, not only by known threats. Any brand-new version is held for a window you configure, kept out of builds until it has had time to be reviewed and approved rather than pulled the instant it appears.

SCANNERS AND SIDE TOOLS

Beside the path

01

Dependency pulled

02

Build continues ⚠

03

Tool flags it from the side [Detection point]

04

Ticket, fix, rebuild

⚠ Seen, but already in

Scanners and side tools help teams see what exists and what needs fixing, but they watch from outside the path and act only on what is already known to be bad, so a new malicious version can be inside the workflow before anything flags it.

Technical Perspective

Runtime dependency governance, in practice

 

Recent npm attacks show that even signed, verified packages turn dangerous when trusted publishing, CI/CD automation, and fast-moving ecosystems are abused. This session is a practical look at enforcing policy the moment a dependency is requested.

  • Why signed and trusted package workflows can still be compromised
  • Why release cooldowns and quarantine windows are becoming standard supply-chain controls
  • How OSV rules and custom policies block risky packages at request time

 

Thijs Feryn, Technical Evangelist | 45 Minute Session

Capabilities

What Artifact Firewall does

 

Artifact Firewall turns dependency policy into runtime enforcement at machine-to-machine scale. As a vendor-neutral layer in front of the package infrastructure you already run, it blocks known threats from vulnerability intelligence, quarantines unknown ones, and records every decision for security, platform, and governance teams.

 

01. Control dependency access

Match packages by PURL or coordinates and apply one of three actions, scoped to packages or specific versions.

02. Evaluate requests in real time

Match requests with a fast, indexed rule engine using PURL, version ranges, glob, and priority-based rules, scaling to hundreds of thousands of OSV entries with no added latency. Direct binary fetches are preflight-checked, so denied versions cannot be pulled by hardcoding a URL.

03. Block the known with OSV intelligence

Standard enforcement is built on OSV.dev, which aggregates GitHub Security Advisories, PyPA, RustSec, the Global Security Database, and more under one schema. Import its rules to block known-vulnerable versions automatically, with severity thresholds mapping scores to actions and an hourly refresh.

04. Quarantine the unknown

When no rule exists yet for a brand-new threat, hold newly published versions for a configurable window, long enough for the community to flag malicious uploads. Defends against maintainer account takeover.

05. Isolate internal namespaces

Block public-registry access for protected internal scopes so internal packages can never be spoofed, preventing dependency-confusion attacks.

06. Manage policy centrally

Manage rulesets as YAML on disk or in a public or private Git repository, with a configurable reload interval. Policy reloads without interrupting service.

Security-as-code

Manage artifact policy through GitOps

 

Artifact Firewall lets teams manage dependency policy as code. The same rulesets carry both the OSV.dev standard policies and your own custom rules, so teams extend a maintained baseline rather than start from a blank file. Everything is reviewed, versioned, and distributed through Git, giving security teams central control while platform teams operate policy through existing workflows.

 

Commit policy
Push to Git
Ruleset sync
Runtime enforcement
Audit trail

 

Declarative YAML rules

  • Define dependency policy in a format teams can review, version, and deploy.

Git-based distribution

  • Manage rulesets through Git repositories and update them on a defined interval.

Runtime policy changes

  • Roll out new policies without service interruption.

Built for

Built for security, platform, and DevOps teams

Strengthen software supply chain security without a rip-and-replace. Artifact Firewall is a universal, vendor-neutral layer in the path, sitting in front of the registries and repository managers you already run, and it works with Virtual Registry too. Because enforcement lives in the path, there is nothing to install or manage on every developer's machine and no point solution locking your teams into one platform. Security, platform, and DevOps teams get a single control point while keeping the infrastructure they already have.

Security teams

Enforce policy before vulnerable or unapproved packages enter builds.

Platform engineering

Create one control point for artifact access across teams and workflows.

DevOps teams

Reduce last-minute remediation by catching risky dependencies earlier.

Compliance and governance

Create visibility into which dependencies were allowed, hidden, denied, or reported.

Technical Deep-Dive

Built for teams that need control, not another dashboard

 

Artifact Firewall is designed for teams that need operational enforcement and policy control directly in the software delivery path.

 

Configuration

Rulesets, modes, and default actions are defined in declarative YAML. Configuration is loaded at startup and refreshed from Git on a defined interval.

Rule actions

Each matched request resolves to allow, hide, or deny, with a configurable quarantine window that holds newly published versions. Rules match by PURL or explicit coordinates; the highest-priority match wins and deny short-circuits. Deny returns a 403 Forbidden that exposes the policy reason.

Report mode

Run the firewall in report mode to evaluate every rule and record decisions without blocking. Analyze the audit log to see exactly what would have been blocked, then switch to normal mode once you are confident.

Deployment patterns

Artifact Firewall is a standalone application. It deploys as a Docker image, Helm chart, or Linux package, and can also be delivered as part of the Varnish Virtual Registry. Deploy it close to where packages are consumed, alongside CI/CD runners, inside Kubernetes clusters, or near regional developer teams, and enable firewalling per registry. Only manifests are parsed and rewritten; package bytes stream through untouched. It stays vendor-neutral, sitting in front of the package infrastructure you already use rather than becoming the origin or system of record.

Specifications

Product specifications

 

Review the core capabilities available in Artifact Firewall for software supply chain governance.

 

Capability

Availability

Supported ecosystems (npm, PyPI, Maven, NuGet) Included
Rulesets as code Included
Git-based ruleset updates Included
Allow, deny, and hide actions Included
Time-based package quarantine Included
Namespace isolation (anti-dependency-confusion) Included
Severity-driven policy from OSV (CVSS mapping) Included
Aggregated OSV sources (GitHub Advisories, PyPA, RustSec, Global Security Database) Included
Prebuilt OSV rules via Git Included
PURL and version-range matching Included
Report mode Included
Audit logging Included
Metrics endpoint (Prometheus / OpenTelemetry) Included
Runtime policy updates Included
Standalone deployment (Docker, Helm, Linux package) Included
Multi-environment deployment Contact us
Enterprise support Contact us
Architecture guidance Contact us

 

The Varnish runtime layer

Two layers, one path

 

Artifact Firewall and the Varnish Virtual Registry are complementary layers that sit in the same place, in the path, in front of the registries and repository managers you already run. One governs what reaches your builds, the other accelerates it.

 

ARTIFACT FIREWALL

Enforcement

Evaluates every package the moment it is requested and allows, denies, hides, or quarantines it before it reaches a build.

  • Allow / deny / hide
  • Time-based quarantine
  • OSV intelligencs

VIRTUAL REGISTRY

Acceleration

Caches and routes artifacts through a pull-through layer, speeding up dependency resolution and reducing load on registries.

  • Pull-through cache
  • Routing
  • Faster resolution

 

Run Artifact Firewall on its own, or deliver it with the Virtual Registry to combine enforcement and acceleration in a single in-path layer.

 

Next Steps

Evaluate Artifact Firewall

Review the specifications, discuss deployment needs, and request pricing based on your environment, support requirements, and rollout scope. Artifact Firewall is a vendor-neutral layer that adds to your stack without replacing it.

Dig deeper

Icon Documentation Big

Documentation

Understand Artifact Firewall architecture, configuration, and operational behavior.

Icon Code Big

Configuration reference

Complete reference for rulesets, modes, default actions, and runtime options.

Homepage Tutorial

Changelog

Latest releases, describing feature additions, changes, fixes and removals per version.

Control what enters your software pipeline

Use Artifact Firewall to enforce dependency policy before vulnerable, unapproved, or suspicious artifacts reach your developers, builds, or deployments. A vendor-neutral enforcement layer that works with the package infrastructure you already run.

Request a free trial