DevDefender is a collection of tools, articles, tutorials, and templates that help you secure your developer environment from emerging threats: AI-enhanced supply chain, configuration, extension, and agent vulnerabilities.
Our main tool is an open-source EDR for Developers. This tool is in early development, and is available for macos. It helps developers know when their environment configuration changes, so they can catch changes made by malicious extensions, repositories, or AI agents.
We write threat breakdowns, PoC exploits, CVE writeups, and other news explainers to help you make sense of the threats to Developer Environments.
We also offer tutorials and scripts to help you understand your security posture on your dev machines.
In the future, we plan on offering resources for facilitating developer environment threat modeling on your team: brown-bag lunch-style month-long activities that will strengthen both your risk posture and your collaborative approach to developer environment security.
DevDefender is a project by Isaac Lewis, a senior software developer and application security specialist.