VARNISH ARTIFACT FIREWALL
Control which packages reach your developers, pipelines, and agents.
A vendor-neutral firewall that adds runtime enforcement without locking you into a backend platform. Artifact Firewall sits in front of the registries and repository managers you already run, enforcing policy the moment a package is requested across npm, PyPI, Maven, and NuGet, blocking known threats from OSV intelligence and quarantining the unknown.
Signed, verified, and still dangerous
Modern builds are assembled from thousands of external packages, pulled by developers, CI/CD pipelines, Kubernetes clusters, and AI agents. Attackers have stopped bypassing trust controls and started abusing them: compromised maintainer accounts, poisoned pipelines, and typosquats now ship through the expected, signed release path.
Trusted paths are now the attack surface
Compromised accounts and poisoned pipelines publish malicious versions through the expected, signed release path.
Scanners react after the pull
SCA and vulnerability tools inspect dependencies that have already been downloaded, often too late to stop the spread.
Distributed clients pull continuously
Developers, CI runners, clusters, and AI agents fetch packages constantly, which is hard to govern from a central repository.
Why Artifact Firewall
Most supply-chain tools watch from the side. Artifact Firewall sits in the path
The most innovative engineering teams already run Varnish in the delivery path, where the Virtual Registry reverse proxies, routes, and caches artifacts at internet scale. Artifact Firewall extends that in-path position to your software supply chain, evaluating every package and version the moment it is requested and allowing, denying, or hiding it before it is served. Where other tools sit beside the flow and flag a risk only after the fetch, Artifact Firewall enforces in the path itself, staying distributed and vendor-neutral while complementing the scanning tools you already run.
The difference is position.
Tools beside the path can warn you. A control point in the path can stop the fetch.
|
VARNISH ARTIFACT FIREWALL In the request path |
|---|
01
Dependency requested |
02
Policy evaluated [Control Point] |
03
Allow / deny / hide |
04
Approved artifact served |
✓ Enforced before it spreads
Artifact Firewall gates access by time, not only by known threats. Any brand-new version is held for a window you configure, kept out of builds until it has had time to be reviewed and approved rather than pulled the instant it appears.
|
SCANNERS AND SIDE TOOLS Beside the path |
|---|
01
Dependency pulled |
02
Build continues ⚠ |
03
Tool flags it from the side [Detection point] |
04
Ticket, fix, rebuild |
⚠ Seen, but already in
Scanners and side tools help teams see what exists and what needs fixing, but they watch from outside the path and act only on what is already known to be bad, so a new malicious version can be inside the workflow before anything flags it.
Technical Perspective
Runtime dependency governance, in practice
Recent npm attacks show that even signed, verified packages turn dangerous when trusted publishing, CI/CD automation, and fast-moving ecosystems are abused. This session is a practical look at enforcing policy the moment a dependency is requested.
- Why signed and trusted package workflows can still be compromised
- Why release cooldowns and quarantine windows are becoming standard supply-chain controls
- How OSV rules and custom policies block risky packages at request time
Capabilities
What Artifact Firewall does
Artifact Firewall turns dependency policy into runtime enforcement at machine-to-machine scale. As a vendor-neutral layer in front of the package infrastructure you already run, it blocks known threats from vulnerability intelligence, quarantines unknown ones, and records every decision for security, platform, and governance teams.
01. Control dependency access
Match packages by PURL or coordinates and apply one of three actions, scoped to packages or specific versions.
02. Evaluate requests in real time
Match requests with a fast, indexed rule engine using PURL, version ranges, glob, and priority-based rules, scaling to hundreds of thousands of OSV entries with no added latency. Direct binary fetches are preflight-checked, so denied versions cannot be pulled by hardcoding a URL.
03. Block the known with OSV intelligence
Standard enforcement is built on OSV.dev, which aggregates GitHub Security Advisories, PyPA, RustSec, the Global Security Database, and more under one schema. Import its rules to block known-vulnerable versions automatically, with severity thresholds mapping scores to actions and an hourly refresh.
04. Quarantine the unknown
When no rule exists yet for a brand-new threat, hold newly published versions for a configurable window, long enough for the community to flag malicious uploads. Defends against maintainer account takeover.
05. Isolate internal namespaces
Block public-registry access for protected internal scopes so internal packages can never be spoofed, preventing dependency-confusion attacks.
06. Manage policy centrally
Manage rulesets as YAML on disk or in a public or private Git repository, with a configurable reload interval. Policy reloads without interrupting service.
Security-as-code
Manage artifact policy through GitOps
Artifact Firewall lets teams manage dependency policy as code. The same rulesets carry both the OSV.dev standard policies and your own custom rules, so teams extend a maintained baseline rather than start from a blank file. Everything is reviewed, versioned, and distributed through Git, giving security teams central control while platform teams operate policy through existing workflows.

Declarative YAML rules
- Define dependency policy in a format teams can review, version, and deploy.
Git-based distribution
- Manage rulesets through Git repositories and update them on a defined interval.
Runtime policy changes
- Roll out new policies without service interruption.
Built for
Built for security, platform, and DevOps teams
Strengthen software supply chain security without a rip-and-replace. Artifact Firewall is a universal, vendor-neutral layer in the path, sitting in front of the registries and repository managers you already run, and it works with Virtual Registry too. Because enforcement lives in the path, there is nothing to install or manage on every developer's machine and no point solution locking your teams into one platform. Security, platform, and DevOps teams get a single control point while keeping the infrastructure they already have.
Security teams
Platform engineering
Create one control point for artifact access across teams and workflows.
DevOps teams
Compliance and governance
Technical Deep-Dive
Built for teams that need control, not another dashboard
Artifact Firewall is designed for teams that need operational enforcement and policy control directly in the software delivery path.
Configuration
Rulesets, modes, and default actions are defined in declarative YAML. Configuration is loaded at startup and refreshed from Git on a defined interval.


Rule actions
Each matched request resolves to allow, hide, or deny, with a configurable quarantine window that holds newly published versions. Rules match by PURL or explicit coordinates; the highest-priority match wins and deny short-circuits. Deny returns a 403 Forbidden that exposes the policy reason.
Report mode
Run the firewall in report mode to evaluate every rule and record decisions without blocking. Analyze the audit log to see exactly what would have been blocked, then switch to normal mode once you are confident.


Deployment patterns
Artifact Firewall is a standalone application. It deploys as a Docker image, Helm chart, or Linux package, and can also be delivered as part of the Varnish Virtual Registry. Deploy it close to where packages are consumed, alongside CI/CD runners, inside Kubernetes clusters, or near regional developer teams, and enable firewalling per registry. Only manifests are parsed and rewritten; package bytes stream through untouched. It stays vendor-neutral, sitting in front of the package infrastructure you already use rather than becoming the origin or system of record.
Specifications
Product specifications
Review the core capabilities available in Artifact Firewall for software supply chain governance.
Capability |
Availability |
| Supported ecosystems (npm, PyPI, Maven, NuGet) | Included |
| Rulesets as code | Included |
| Git-based ruleset updates | Included |
| Allow, deny, and hide actions | Included |
| Time-based package quarantine | Included |
| Namespace isolation (anti-dependency-confusion) | Included |
| Severity-driven policy from OSV (CVSS mapping) | Included |
| Aggregated OSV sources (GitHub Advisories, PyPA, RustSec, Global Security Database) | Included |
| Prebuilt OSV rules via Git | Included |
| PURL and version-range matching | Included |
| Report mode | Included |
| Audit logging | Included |
| Metrics endpoint (Prometheus / OpenTelemetry) | Included |
| Runtime policy updates | Included |
| Standalone deployment (Docker, Helm, Linux package) | Included |
| Multi-environment deployment | Contact us |
| Enterprise support | Contact us |
| Architecture guidance | Contact us |
The Varnish runtime layer
Two layers, one path
Artifact Firewall and the Varnish Virtual Registry are complementary layers that sit in the same place, in the path, in front of the registries and repository managers you already run. One governs what reaches your builds, the other accelerates it.
ARTIFACT FIREWALL
Enforcement
Evaluates every package the moment it is requested and allows, denies, hides, or quarantines it before it reaches a build.
- Allow / deny / hide
- Time-based quarantine
- OSV intelligencs
VIRTUAL REGISTRY
Acceleration
Caches and routes artifacts through a pull-through layer, speeding up dependency resolution and reducing load on registries.
- Pull-through cache
- Routing
- Faster resolution
Run Artifact Firewall on its own, or deliver it with the Virtual Registry to combine enforcement and acceleration in a single in-path layer.
Next Steps
Evaluate Artifact Firewall
Review the specifications, discuss deployment needs, and request pricing based on your environment, support requirements, and rollout scope. Artifact Firewall is a vendor-neutral layer that adds to your stack without replacing it.
Dig deeper
Documentation
Understand Artifact Firewall architecture, configuration, and operational behavior.
Configuration reference
Complete reference for rulesets, modes, default actions, and runtime options.
Changelog
Latest releases, describing feature additions, changes, fixes and removals per version.
Control what enters your software pipeline
Use Artifact Firewall to enforce dependency policy before vulnerable, unapproved, or suspicious artifacts reach your developers, builds, or deployments. A vendor-neutral enforcement layer that works with the package infrastructure you already run.