Secure Registry
A gate between public registries and everything you build
Every package your developers and their AI agents install comes from npm, PyPI, or a marketplace you don't control. Secure Registry checks each pull against StepSecurity threat intelligence and your policies, and blocks the ones that would hurt you.
Protects Dev MachinesProtects CI/CD
Secure Registry docs ↗npm · PyPIpublic registries
→Secure Registrypolicy + threat intel
→Dev machinesnpm install on laptops
CI/CD runnersbuilds pulling dependencies
✓ ALLOWreact@19.2.1known good, 214d old
⏸ COOLDOWNleft-pad-utils@4.0.0published 6h ago
✕ BLOCKaxios@1.12.4compromised per threat intel
One policy, two surfaces
Write the rule once. It holds on laptops and in CI.
Most teams protect their pipelines and forget the laptops, or the other way round. A registry-level gate can't be bypassed by either.
On developer machines
The install your agent just ran? Already checked.
- Blocks compromised versions at npm install time, whether a human or an AI agent ran it
- Cooldown windows for just-published releases, where most attacks live
- Pull provenance: which machine pulled which version, when
In CI/CD pipelines
Builds pull through the same gate.
- The same block and cooldown policies with no drift between laptop and runner
- A compromised package blocked on Monday can't sneak in via Tuesday's build
- Works alongside Harden-Runner's egress control for defense in depth
Policy EvaluationsOne audit log across both surfaces. The same pull, attributed to the laptop or the workflow run that made it.
PackageVersionSourceSource identifierStatus
@acme/ui-tokens2.4.1💻 Developer Machinedev:C02XK1ANJGH5⊖ Modified
@acme/ui-tokens2.4.1⑂ GitHub Actionsrun 28078594538⊖ Modified
@acme/build-cache1.5.0💻 Developer Machinedev:C02XK1ANJGH5⊗ Blocked
@acme/build-cache1.5.0⑂ GitHub Actionsrun 28078594538⊗ Blocked
lodash4.18.1💻 Developer Machinedev:C02XK1ANJGH5✓ Allowed
lodash4.18.1⑂ GitHub Actionsrun 28078594538✓ Allowed
What's in the box
⏸
Cooldown periodsHold newly published versions for a window you set. Most malicious releases are caught by the ecosystem within days. Cooldowns make that someone else's problem.
🛑
Compromised-version blockingVersions flagged by StepSecurity threat intelligence are blocked automatically, often before public advisories land. Typosquat lookalikes never resolve.
📋
BlocklistsBan a package or version org-wide with one rule. Every laptop and runner enforces it from the next install.
🔎
Source attributionEvery request is attributed to its source: a developer machine with its device page, or a GitHub Actions workflow run with its runtime insights. Incident response starts with a query, not a survey.
🤖
AI-agent awareAgents install dependencies without asking. The gate doesn't care who typed the command. The policy holds either way.
📈
Zero workflow changePoint your package manager at the registry endpoint. No new CLI, no wrapper scripts, no developer retraining.
No broken installs
Developers are not blocked. They just see safe versions.
When someone runs npm install, Secure Registry filters the version list before the client ever sees it. Versions inside a cooldown window or flagged as compromised simply disappear from the response. The install succeeds with a safe version. Only an explicit request for a disallowed version is refused.
$ npm install axios
✓ installed a safe version · newest releases held in cooldown · logged as Modified
$ npm install axios@flagged-version
✗ refused · version flagged by threat intelligence · logged as Blocked
Every request lands in the Policy Evaluations log as Allowed, Modified, or Blocked, attributed to the laptop or the workflow run that made it.
Policy Evaluations docs ↗Up and running in an afternoon
1
Point your package manager at itOne line in .npmrc (or the equivalent for your ecosystem), rolled out by MDM to laptops and by config to CI.
2
Set your policyPick a cooldown window, enable threat-intel blocking, add blocklists where you want them. Sensible defaults out of the box.
3
Watch the pullsProvenance starts accumulating immediately. The next incident's "are we affected?" is already answered.
Already run an artifact manager?Set Secure Registry as the upstream of JFrog Artifactory, Sonatype Nexus, or Google Artifact Registry. Your hosting stays where it is and every package that flows through it gets the same policy checks.Setup guide ↗
“
StepSecurity's cutting-edge security features are a core part of Mercari's supply chain security strategy. Adding these isolation, monitoring and governance capabilities to our platform has enabled Mercari's Security Engineering team to spend more time focusing on the areas that are truly unique to our enterprise.
Allan WirthManager of Platform and AI Security, Mercari
From the Mercari case study →