Overview
Modern software delivery has fundamentally changed. Today's engineering organizations pull thousands of packages automatically, across dozens of CI/CD pipelines, running continuously across distributed Kubernetes clusters and GPU-driven AI environments. The velocity that makes this possible is also what makes it dangerous. Supply chain attacks have grown in both frequency and sophistication, not because attackers have become more sophisticated, but because they have learned to exploit the trust and automation that modern development depends on. A compromised package published to a public registry can propagate into hundreds of production environments within minutes, before any human has had a chance to review it. Varnish Artifact Firewall is built for this environment. It is a dedicated runtime security layer that sits in the artifact request path and evaluates every dependency before it enters your infrastructure whether that request originates from a developer workstation, a CI/CD pipeline, a Kubernetes cluster, or an AI training job. Unlike traditional repository-based scanners that evaluate artifacts after ingestion, Varnish Artifact Firewall enforces security policy at the moment of request, before known vulnerable or non-compliant artifacts are allowed to propagate. Newly published and unknown threats can be held in quarantine long enough for the community to flag malicious uploads. It can also be deployed alongside Varnish Virtual Registry, to combine policy enforcement with high-performance artifact caching and routing to dramatically reduce artifact latency and dependency resolution time.
Highlights
- Secure the platform: Enforce runtime security across your entire software supply chain: block known vulnerable or compromised packages, quarantine newly published versions until they can be reviewed, and prevent dependency confusion attacks, governing every artifact request before it reaches your environment.
- Vendor-neutral by design: Varnish Artifact Firewall sits in front of the registries and repository managers you already run, with no lock-in to a backend platform and no changes to developer workflow. Secure your entire software supply chain, regardless of your existing architecture and vendors.
- Policy as code, zero-risk rollout: Manage dependency policy as declarative YAML rulesets, versioned and distributed through Git. Prebuilt OSV.dev rules give you a maintained baseline to extend with your own policies, and rulesets reload at runtime without service interruption. Start in report mode to see exactly what would have been blocked before enforcing anything, then deploy as a Docker image, Helm chart, or Linux package.
Details
Introducing multi-product solutions
You can now purchase comprehensive solutions tailored to use cases and industries.
Features and programs
Financing for AWS Marketplace purchases
Pricing
Dimension | Description | Cost/12 months |
|---|---|---|
SaaS product | Reach out for private offer | $7,500.00 |
Active Developers | Up to 50 active developers | $7,500.00 |
Number of Requests | Reach out for private offer | $7,500.00 |
Vendor refund policy
All fees are non-cancellable and non-refundable except as required by law.
How can we make this page better?
Legal
Vendor terms and conditions
Content disclaimer
Delivery details
Software as a Service (SaaS)
SaaS delivers cloud-based software applications directly to customers over the internet. You can access these applications through a subscription model. You will pay recurring monthly usage fees through your AWS bill, while AWS handles deployment and infrastructure management, ensuring scalability, reliability, and seamless integration with other AWS services.
Support
Vendor support
Varnish Virtual Registry Pro includes Standard Support which includes:
- Up to 20 support requests per year
- Availability during business hours (8 am to 5 pm)
- Email support, with telephone support for critical issues Access to the Varnish knowledgebase and software repositories Support reviews and on-site consultancy are available as paid options. Premium Support, with 24/7/365 availability, unlimited support requests, faster response times, and guaranteed SLAs for critical issues, is available as an add-on or as part of the Enterprise tier.
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.