ExtensionTotal

Simplifique a segurança da cadeia de suprimentos corporativa detectando rapidamente extensões e pacotes de software de terceiros maliciosos, arriscados, vulneráveis ou não compatíveis

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
SUPORTADO
Cursor
Visual Studio Code
Edge  
(Enterprise)
Chrome  
(Enterprise)
Visual Studio (Enterprise)
Jetbrains (Enterprise)
Usado pelas melhores equipes de segurança do mundo
vs AS EXTENSÕES DE CÓDIGO TÊM
CONTROLE ILIMITADO SOBRE SEU ENDPOINT

Seu código, seus segredos, nas mãos de 80K millions extensões

qualquer pessoa pode publicar uma extensão em 30 minutos

Os mercados de extensão IDE carecem de controles de segurança

The average developer installs over 40 extensions in the IDE

Developer IDEs are unmanaged

apresentando

ExtensionTotal

A primeira plataforma a otimizar, detectar e controlar os riscos da cadeia de suprimentos de extensões de IDE de terceiros, alimentada por nosso novo mecanismo de análise.
E isso é só o começo...

Como isso funciona?

O ExtensionTotal analisa continuamente as extensões listadas nos mercados do IDE. Cada extensão é descompactada, centenas de atributos são extraídos, enriquecidos e considerados em uma pontuação de risco.

use cases

How Organizations Are Using ExtensionTotal

Detect Malicious Extensions
Discovery and Inventory
Policy Enforcement
Streamline Extensions Vetting
Third-Party AI Exposure
Private Registry

Quickly Vet IDE Extensions

With our risk assessment, security teams can determine extension risk and take action on risky extensions that violate the organization policy

Get Started

Take Off The Blindfold

Enhance your security posture discovering extensions in use within your organization. Continuously assess risk and ensure compliance for critical extensions to maintain the integrity and safety of your development environment

Get Started

End-to-end Extension Governance

Enforce custom policies to mitigate risks from non-compliant IDEs and extensions. Govern your development tools to uphold your organizational security standards.

Get Started
Jambo Main Features

A new way to collect and analyze customer feedback.

Boards and Pages
Use Jambo for analyze and engage with user feedback & valuable insights effortlessly.
Boards and Pages
Use Jambo for analyzing user feedback & valuable insights
Custom Domains
Use Jambo for analyze and engage with user feedback & valuable insights effortlessly.
Public Roadmap
Use Jambo for analyzing user feedback & valuable insights
Integrations
Use Jambo for analyze and engage with user feedback & valuable insights effortlessly.
Vote System
Use Jambo for analyze and engage with user feedback & valuable insights effortlessly.
Jambo Main Features

A new way to collect and analyze customer feedback.

Boards and Pages
Use Jambo for analyze and engage with user feedback & valuable insights effortlessly.
Boards and Pages
Use Jambo for analyzing user feedback & valuable insights
Custom Domains
Use Jambo for analyze and engage with user feedback & valuable insights effortlessly.
Public Roadmap
Use Jambo for analyzing user feedback & valuable insights
Integrations
Use Jambo for analyze and engage with user feedback & valuable insights effortlessly.
Vote System
Use Jambo for analyze and engage with user feedback & valuable insights effortlessly.

Do you know what extensions are installed in your organization?

Get started with your MDM to discover installed extensions and leverage ExtensionTotal API for risk and threat intelligence
• API paid subscription required
#!/bin/bash

loggedInUser=$(stat -f "%Su" /dev/console)
codePath="/Applications/Visual Studio Code.app/Contents/Resources/app/bin/code"
cd /Users/"$loggedInUser"
codeExtensions=$(sudo -u "$loggedInUser" "$codePath" --list-extensions)

jsonResult="{\"extensions\":["

while IFS= read -r line || [[ -n $line ]]; do
    content=$(curl -s --location 'https://app.extensiontotal.com/api/getExtensionRisk' \
    --header 'Content-Type: application/json' \
    --header 'Cookie: SameSite=None' \
    --header 'x-api-key: <YOUR_API_KEY>' \
    --data "{
      \"q\": \"$line\"
    }")
    jsonResult+="$content,"
    done < <(printf '%s' "$codeExtensions")

jsonResult=${jsonResult%,}
jsonResult+="]}"
echo "$jsonResult"
api RATE LIMITS APPLY | macos compatible script
as pessoas estão falando sobre NOSSA PESQUISA

O pessoal de segurança fala sobre nós

Testimonial section title

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Suspendisse tincidunt sagittis eros. Quisque quis euismod lorem.

"If there was any proof missing that the engineering ecosystem is a land of infinite opportunities for adversaries...."

Daniel Krivelevich

AppSec CTO @ Palo Alto Networks | Co-Founder & CTO @ Cider Security

If VSCode is being used in your org I recommend reading these blog posts which have been reported on by BleepingComputer..ebepingComputer

Kevin Gray

Cyber Security at NatWest

"At most organizations, developers have the most sensitive data, but also the most relaxed controls..."

James Berthoty

Security Engineer Turned Analyst @ Latio Tech

Lorem Ipsum is simply dummy text of the printing and typesetting industry.

Profile name

CEO / Creative IT

Leia nossa pesquisa

Extensiontotal was built in a month

We love building, follow us

Quer conversar?

Adoraríamos saber mais sobre o que o traz até aqui (talvez você esteja experimentando algo novo e legal - isso também é ótimo)

Vamos conversar 👋