ExtensionTotal

悪意のある、リスクのある、脆弱な、または準拠していないサードパーティの拡張機能やソフトウェアパッケージを迅速に検出することで、企業のサプライチェーンのセキュリティを合理化します

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.

GPT Pilot (Beta)

IntelliSense for CSS

サポートされています

Cursor

Visual Studio Code

Edge

^(Enterprise)

Chrome

^(Enterprise)

Visual Studio ^(Enterprise)

Jetbrains ^(Enterprise)

Add ExtensionTotal to VS Code - It's Free! ->

世界最高のセキュリティチームが使用しています

vscode EXTENSIONS HAVE
エンドポイントを無制限に制御

あなたのコード、あなたの秘密を80Kの手に millions拡張子

誰でも30分以内に拡張機能を公開できます

IDE Extension マーケットプレイスにはセキュリティ制御がない

The average developer installs over 40 extensions in the IDE

Developer IDEs are unmanaged

紹介する

ExtensionTotal

当社の新しい分析エンジンを搭載した、サードパーティ製IDE拡張のサプライチェーンリスクを合理化、検出、管理する最初のプラットフォームです。
そして、これはほんの始まりに過ぎません...

どのような仕組みですか？

ExtensionTotalは、IDEマーケットプレイスにリストされている拡張機能を継続的に分析しています。各拡張機能が解凍され、何百もの属性が抽出されて強化され、リスクスコアに織り込まれます。

use cases

How Organizations Are Using ExtensionTotal

Detect Malicious Extensions

Discovery and Inventory

Policy Enforcement

Streamline Extensions Vetting

Third-Party AI Exposure

Private Registry

Quickly Vet IDE Extensions

With our risk assessment, security teams can determine extension risk and take action on risky extensions that violate the organization policy

Take Off The Blindfold

Enhance your security posture discovering extensions in use within your organization. Continuously assess risk and ensure compliance for critical extensions to maintain the integrity and safety of your development environment

End-to-end Extension Governance

Enforce custom policies to mitigate risks from non-compliant IDEs and extensions. Govern your development tools to uphold your organizational security standards.

Jambo Main Features

A new way to collect and analyze customer feedback.

Boards and Pages

Use Jambo for analyze and engage with user feedback & valuable insights effortlessly.

Boards and Pages

Use Jambo for analyzing user feedback & valuable insights

Custom Domains

Use Jambo for analyze and engage with user feedback & valuable insights effortlessly.

Public Roadmap

Use Jambo for analyzing user feedback & valuable insights

Integrations

Use Jambo for analyze and engage with user feedback & valuable insights effortlessly.

Vote System

Use Jambo for analyze and engage with user feedback & valuable insights effortlessly.

Jambo Main Features

A new way to collect and analyze customer feedback.

Boards and Pages

Use Jambo for analyze and engage with user feedback & valuable insights effortlessly.

Boards and Pages

Use Jambo for analyzing user feedback & valuable insights

Custom Domains

Use Jambo for analyze and engage with user feedback & valuable insights effortlessly.

Public Roadmap

Use Jambo for analyzing user feedback & valuable insights

Integrations

Use Jambo for analyze and engage with user feedback & valuable insights effortlessly.

Vote System

Use Jambo for analyze and engage with user feedback & valuable insights effortlessly.

Do you know what extensions are installed in your organization?

Get started with your MDM to discover installed extensions and leverage ExtensionTotal API for risk and threat intelligence

• API paid subscription required

#!/bin/bash

loggedInUser=$(stat -f "%Su" /dev/console)
codePath="/Applications/Visual Studio Code.app/Contents/Resources/app/bin/code"
cd /Users/"$loggedInUser"
codeExtensions=$(sudo -u "$loggedInUser" "$codePath" --list-extensions)

jsonResult="{\"extensions\":["

while IFS= read -r line || [[ -n $line ]]; do
    content=$(curl -s --location 'https://app.extensiontotal.com/api/getExtensionRisk' \
    --header 'Content-Type: application/json' \
    --header 'Cookie: SameSite=None' \
    --header 'x-api-key: <YOUR_API_KEY>' \
    --data "{
      \"q\": \"$line\"
    }")
    jsonResult+="$content,"
    done < <(printf '%s' "$codeExtensions")

jsonResult=${jsonResult%,}
jsonResult+="]}"
echo "$jsonResult"

api RATE LIMITS APPLY | macos compatible script

みんなが私たちの研究について話している

セキュリティ担当者が私たちについて話す

Testimonial section title

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Suspendisse tincidunt sagittis eros. Quisque quis euismod lorem.

"If there was any proof missing that the engineering ecosystem is a land of infinite opportunities for adversaries...."

Daniel Krivelevich

AppSec CTO @ Palo Alto Networks | Co-Founder & CTO @ Cider Security

If VSCode is being used in your org I recommend reading these blog posts which have been reported on by BleepingComputer..ebepingComputer

Kevin Gray

Cyber Security at NatWest

"At most organizations, developers have the most sensitive data, but also the most relaxed controls..."

James Berthoty

Security Engineer Turned Analyst @ Latio Tech

Lorem Ipsum is simply dummy text of the printing and typesetting industry.

Profile name

CEO / Creative IT

調査結果を読む

When Chrome Extensions Turn Against Us: The Cyberhaven Breach and Beyond

Read our blog post about the Cyberhaven Incident

VSCode Extension Trivia: Real or Cake?

Read our blog about a malicious campaign plaguing the VSCode Marketplace

How We Hacked Multi-Billion Dollar Companies in 30 Minutes Using a Fake VSCode Extension

Read our blog to learn how we hacked the VSCode Marketplace

Exposing Malicious Extensions: Shocking Statistics from the VS Code Marketplace

Learn through numbers on how exposed your organization is to VSCode

A Letter to Microsoft: Uncovering Design Flaws of Visual Studio Code Extensions

Our letter to Microsoft discussing the security design flaws in VSCode

Extensiontotal was built in a month

We love building, follow us

チャットしたいですか？

ここにたどり着いた理由についてもっと知りたいです（何か新しくてかっこいいものを試しているかもしれません-それも素晴らしいです）

チャットしよう 👋