Glossary

    Key terms and concepts in AI security, workstation governance, and software supply chain protection.

    Developer Workstation Security

    Why isn't EDR enough for developer machines?

    EDR (Endpoint Detection and Response) is insufficient for developer machines because it operates at the process and binary level, while developer threats operate inside trusted applications. EDR sees VS Code as a legitimate process and does not inspect what happens inside it — malicious extensions, compromised packages, and unauthorized MCP connections all execute within the trusted IDE boundary. EDR detects malware after execution; developer supply chain attacks need to be caught before installation.

    AI & Developer Tools

    What are the security risks of AI coding assistants?

    AI coding assistants introduce security risks including data leakage to model providers, insecure code generation, package hallucination (where AI suggests non-existent packages that attackers then register), unvetted MCP server connections, and autonomous command execution on developer workstations. With 84% of developers using AI coding tools, these risks affect virtually every engineering organization and operate below the visibility of EDR and CI/CD security tools.

    AI & Developer Tools

    What are the security risks of MCP servers?

    MCP (Model Context Protocol) servers are external services that AI coding agents connect to, giving them access to tools, data sources, and APIs. The security risk: developers can connect their AI agents to any of the 13,000+ MCP servers launched on GitHub in 2025 without IT approval or visibility. Each connection creates a potential data exfiltration path, supply chain compromise vector, or unauthorized access channel that traditional security tools cannot see.
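    One defensive control the entry implies is an allowlist check over whatever MCP configuration a developer's client actually loads. The script below is an added example, not code from the original page or from any MCP client; it assumes the JSON layout several clients share (a top-level `mcpServers` object mapping a server name to either a local launcher with `command`/`args` or a remote endpoint with `url`), and the allowlist, approved hosts and sample config are constructed for illustration.

```python
"""Audit an MCP client configuration against an organisational allowlist.

Added example (not from the original page). Assumes the common JSON layout
  {"mcpServers": {"<name>": {"command": ..., "args": [...]} | {"url": ...}}}
Allowlist, approved hosts and the sample config are constructed values.
"""
import json
from urllib.parse import urlparse

# Constructed allowlist: server names IT has reviewed, and hosts approved for remote servers.
APPROVED_SERVERS = {"filesystem", "internal-docs"}
APPROVED_HOSTS = {"mcp.internal.example"}

# Constructed sample of a developer's local MCP settings file.
SAMPLE_CONFIG = json.dumps({
    "mcpServers": {
        "filesystem": {"command": "node", "args": ["/opt/mcp/fs/index.js"]},
        "github-helper": {"command": "npx", "args": ["-y", "some-mcp-server@latest"]},
        "internal-docs": {"url": "https://mcp.internal.example/sse"},
        "random-saas": {"url": "http://mcp.example.net/sse"},
    }
})

# Launchers that fetch the server package from a public registry when the agent starts.
REGISTRY_LAUNCHERS = {"npx", "uvx"}


def audit_mcp_config(config_text: str) -> list[str]:
    """Return one human-readable finding per policy violation in the config."""
    findings: list[str] = []
    servers = json.loads(config_text).get("mcpServers", {})
    for name, spec in servers.items():
        if name not in APPROVED_SERVERS:
            findings.append(f"{name}: not on the approved server list")

        cmd = spec.get("command")
        args = spec.get("args", [])
        if cmd in REGISTRY_LAUNCHERS:
            # The server code is resolved from a public registry at launch, so it is
            # effectively an unreviewed package install on the workstation.
            findings.append(f"{name}: launched via {cmd}; package fetched from a public registry at start")
            if cmd == "npx" and "-y" in args:
                findings.append(f"{name}: '-y' auto-confirms the npx package install")
            if any(a.endswith("@latest") for a in args):
                findings.append(f"{name}: unpinned '@latest' package version")

        url = spec.get("url")
        if url:
            parsed = urlparse(url)
            if parsed.scheme != "https":
                findings.append(f"{name}: remote server over {parsed.scheme}, not https")
            if parsed.hostname not in APPROVED_HOSTS:
                findings.append(f"{name}: remote host {parsed.hostname} is not approved")
    return findings


if __name__ == "__main__":
    for line in audit_mcp_config(SAMPLE_CONFIG):
        print(line)
```

    Run against the sample config, the two reviewed servers produce no findings, while the `npx -y ...@latest` launcher and the plain-HTTP server to an unapproved host are each reported on several points. In practice the same function would be pointed at the real settings file path of each MCP client in use, and the allowlist kept alongside the organisation's other software inventory.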

    Software Supply Chain

    What is IDE extension security?

    IDE extension security addresses the risks posed by extensions and plugins installed in development environments like VS Code, Cursor, and JetBrains IDEs. With over 60,000 extensions in the VS Code Marketplace alone (3.3 billion total installs) and 1,283 found to have malicious dependencies accounting for 229 million installs, extensions are a significant and largely unmonitored attack surface. Extensions run with full trust inside the IDE process, with no sandboxing or runtime permission model.

    Software Supply Chain

    What are the security risks of npm and PyPI packages?

    npm and PyPI are the primary package registries for JavaScript and Python, serving millions of developers worldwide. In 2025, over 3,180 confirmed malicious packages were identified across these registries. Attack methods include typosquatting, dependency confusion, and self-propagating malware like the Shai-Hulud worm. A single incident in September 2025 compromised 20 npm packages with 2 billion weekly downloads, demonstrating the systemic risk in open-source package ecosystems.
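    Two of the attack methods named above, typosquatting and dependency confusion, can be screened for before a package is ever installed. The script below is an added example, not code from the original page; it reads a Python `requirements.txt`-style file, flags declared names that are a near-miss of a well-known package (typosquat candidate), and flags internal package names that a resolver could also satisfy from the public index (dependency confusion). The popular-package list, internal-package list and sample file are constructed stand-ins; the "public index reachable" rule is a simplification of pip's behaviour, where `--extra-index-url` does not prevent the default index from being consulted.

```python
"""Pre-install screen for typosquat and dependency-confusion risk.

Added example (not from the original page). POPULAR stands in for a real
top-N list pulled from the registry; INTERNAL lists names published only to
a private index. The sample requirements file is constructed.
"""
import difflib
import re
from urllib.parse import urlparse

# Constructed stand-in for the registry's most-downloaded package names.
POPULAR = {"requests", "lodash", "express", "numpy", "urllib3", "colors"}
# Constructed names that exist only on the organisation's private index.
INTERNAL = {"acme-auth-client", "acme-billing-sdk"}

SAMPLE_REQUIREMENTS = """\
# private index is added as an extra source, but the default public index stays in play
--extra-index-url https://pypi.internal.example/simple
requests==2.31.0
reqeusts==1.0.0
numpy>=1.26
acme-auth-client==3.2.0
acme_billing_sdk
"""

NAME_RE = re.compile(r"^[A-Za-z0-9][A-Za-z0-9._-]*")


def normalize(name: str) -> str:
    """PEP 503 style normalisation so 'Acme_Billing.SDK' and 'acme-billing-sdk' compare equal."""
    return re.sub(r"[-_.]+", "-", name).lower()


def parse_requirements(text: str) -> tuple[list[str], list[str]]:
    """Return (declared package names, hostnames of configured index URLs)."""
    names, index_hosts = [], []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        if line.startswith(("--index-url", "--extra-index-url")):
            index_hosts.append(urlparse(line.split(None, 1)[1]).hostname or "")
            continue
        m = NAME_RE.match(line)
        if m:
            names.append(normalize(m.group(0)))
    return names, index_hosts


def check_dependencies(requirements_text: str) -> list[str]:
    """Return one finding per suspicious dependency declaration."""
    names, index_hosts = parse_requirements(requirements_text)
    # Simplified rule: the public index is consulted unless an explicit --index-url
    # replaces it, and --extra-index-url never removes the default index.
    has_private_primary = any(
        h and not h.endswith("pypi.org")
        for h in (urlparse(l.split(None, 1)[1]).hostname or ""
                  for l in requirements_text.splitlines()
                  if l.strip().startswith("--index-url"))
    )
    public_reachable = (not has_private_primary) or any(h.endswith("pypi.org") for h in index_hosts)

    known = POPULAR | INTERNAL
    findings: list[str] = []
    for name in names:
        if name in INTERNAL:
            if public_reachable:
                findings.append(
                    f"{name}: internal package resolvable from the public index (dependency confusion risk)")
        elif name not in known:
            close = difflib.get_close_matches(name, known, n=1, cutoff=0.8)
            if close:
                findings.append(f"{name}: not a known package but close to '{close[0]}' (typosquat candidate)")
    return findings


if __name__ == "__main__":
    for finding in check_dependencies(SAMPLE_REQUIREMENTS):
        print(finding)
```

    On the sample file the misspelt `reqeusts` is reported against `requests`, and both internal packages are reported because the private index was added with `--extra-index-url` rather than as the sole `--index-url`. The same two checks translate directly to npm: normalise the names from `package.json`, and treat an internal scope that is not bound to the private registry in `.npmrc` as the confusion condition.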
