Veracode Package Firewall

Modern software relies on many third-party packages, which can introduce risks such as malware injection, typosquatting attacks, and license violations. Use Veracode Package Firewall to configure your artifact repositories or package managers to block untrusted packages automatically.

Instead of connecting your system directly to the primary ecosystem registry, connect it to Package Firewall. After you review and configure your Package Firewall policy, the service automatically blocks any package or version that doesn’t comply with the defined rules and helps mitigate risks from unverified sources, known vulnerabilities, and compromised dependencies.

Package Firewall users can be assigned one of the following roles: Administrator, Reviewer, Submitter, Mitigation Approver, Policy Administrator, or Security Lead. Each role provides a different level of access within Package Firewall. For a summary, see the role table.

Supported ecosystems

The following table lists the supported ecosystem registries and their corresponding custom Veracode registry URLs.

| Ecosystem | Veracode registry URL |
| --- | --- |
| Cargo | https://cargo.firewall.veracode.com |
| Golang | https://golang.firewall.veracode.com |
| Maven | https://maven.firewall.veracode.com |
| NPM | https://npm.firewall.veracode.com |
| NuGet | https://nuget.firewall.veracode.com |
| PyPI | https://pypi.firewall.veracode.com |
| RubyGems | https://rubygems.firewall.veracode.com |

Set up and use Package Firewall

Configure artifact repositories or package managers to use Package Firewall. For more information, see Connect Package Firewall to package ecosystems.
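
After pointing package managers at Package Firewall, it is worth checking that no configuration file still resolves packages directly from another registry. The following is an added example, not Veracode code: it audits `.npmrc` and `pip.conf` text and reports any registry setting that does not use the NPM or PyPI firewall host from the table above. It compares only the scheme and hostname, because this page lists base URLs only; the `@acme` scope and the `example.net` host are constructed sample values.

```python
import configparser
from urllib.parse import urlsplit

# Registry hosts from the table on this page.
NPM_HOST = "npm.firewall.veracode.com"
PYPI_HOST = "pypi.firewall.veracode.com"
UNSET = "<unset: tool default registry>"

def via_firewall(url, host):
    """True only for an https URL whose exact hostname is the firewall host."""
    parts = urlsplit(url.strip().strip("\"'"))
    return parts.scheme == "https" and parts.hostname == host

def audit_npmrc(text):
    """Return (key, value) pairs in .npmrc text that bypass the firewall."""
    findings, has_default = [], False
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;" or "=" not in line:
            continue
        key, value = (p.strip() for p in line.split("=", 1))
        # Default "registry" key plus scoped "@scope:registry" keys.
        if key == "registry" or key.endswith(":registry"):
            has_default = has_default or key == "registry"
            if not via_firewall(value, NPM_HOST):
                findings.append((key, value))
    if not has_default:  # no default registry set: npm falls back to its own
        findings.append(("registry", UNSET))
    return findings

def audit_pip_conf(text):
    """Return (section.key, url) pairs in pip.conf text that bypass the firewall."""
    parser = configparser.ConfigParser(interpolation=None)
    parser.read_string(text)
    findings, has_index = [], False
    for section in parser.sections():
        for key in ("index-url", "extra-index-url"):
            for url in parser.get(section, key, fallback="").split():
                has_index = has_index or key == "index-url"
                if not via_firewall(url, PYPI_HOST):
                    findings.append((f"{section}.{key}", url))
    if not has_index:  # no index-url set: pip falls back to its default index
        findings.append(("index-url", UNSET))
    return findings

# Constructed sample: the scoped registry points at a lookalike host.
SAMPLE_NPMRC = ("registry=https://npm.firewall.veracode.com/\n"
                "@acme:registry=https://npm.firewall.veracode.com.example.net/\n")
if __name__ == "__main__":
    print(audit_npmrc(SAMPLE_NPMRC))
```

An empty result means every registry setting found uses the firewall host; an `UNSET` finding means the file never overrides the tool's default registry.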