# Overview

Developer machines are an increasingly targeted part of the software supply chain. They store sensitive credentials such as GitHub tokens, package registry publishing credentials, SSH keys, and cloud access keys, and they routinely execute untrusted code through dependencies, IDE extensions, developer tools, and AI coding agents.

Recent supply chain attacks have shown how malicious packages, extensions, and tools can execute on developer machines, harvest credentials, and enable attackers to pivot into source repositories, package registries, and release systems, often before any code reaches CI/CD pipelines.

### What is Dev Machine Guard?

Dev Machine Guard is not a traditional MDM Solution - it is a lightweight, script-based capability designed to integrate with your existing MDM or endpoint management tooling to provide visibility and control into the developer tooling ecosystem, including:

* IDE extensions and publishers (VSCode, Cursor and JetBrain IDEs)
* Locally installed open-source dependencies (npm, Python and Homebrew)
* AI coding agents and agent-driven actions
* External tools and MCP server integrations used during development

Dev Machine Guard runs on both **macOS** and **Windows** developer endpoints.

#### Why you need StepSecurity Dev Machine Guard

StepSecurity Dev Machine Guard is not a replacement for traditional MDMs like Kandji, Jamf, or Intune. Those tools are built for device posture, compliance, and fleet management, not for detecting or preventing supply chain attacks that originate from developer machines.<br>

Dev Machine Guard extends your existing MDM by addressing the developer-specific attack surface. It provides the visibility and controls needed to detect risky tooling, untrusted dependencies, and malicious integrations before they become a supply chain incident.

### Deployment Model

Dev Machine Guard is designed to work **on top of your existing endpoint infrastructure**.

StepSecurity does **not** deploy or require a proprietary agent. Instead, Dev Machine Guard is delivered as a lightweight script that you deploy using your existing MDM or EDR tooling.

The script runs periodically or on demand and collects telemetry required to provide visibility into developer machine activity. Collected data is securely sent to the StepSecurity platform for analysis and policy evaluation.

This approach allows organizations to extend supply chain visibility to developer machines without introducing new endpoint agents or replacing existing device management solutions.

**For detailed deployment instructions and configuration options, see the** [**Installation Script**](/developer-machines/installation-script.md)  **documentation.**

***

**You can also follow this interactive demo to see how it works:**

{% embed url="<https://app.storylane.io/share/13il6g0lp1ep>" %}

### Documentation

The product documentation covers the Dev Machine Guard workspace pages and the deployment script.

* [Devices](/developer-machines/devices.md): inventory of every developer machine reporting telemetry, with per-device asset breakdowns (IDE extensions, npm packages, AI agents, MCP servers, system packages) and scan history.
* [IDE Extensions](/developer-machines/ide-extensions.md): organization-wide view of every IDE extension and JetBrains plugin in use across your fleet, with per-extension security scores and detection of compromised and typosquatted extensions.
* [AI Agents](/developer-machines/ai-agents.md): centralized view of AI coding tools detected across developer machines, grouped by category (CLI tools, IDE and desktop apps, general-purpose agents, frameworks and runtimes).
* [MCP Servers](/developer-machines/mcp-servers.md): inventory of Model Context Protocol servers configured across developer machines, including which AI tools have each server registered.
* [OSS Package Search](/developer-machines/oss-package-search.md): search for npm, Python, and Homebrew packages installed on developer machines, with exact on-disk locations to support incident response and remediation.
* [System Packages](/developer-machines/system-packages.md): visibility into OS-level packages installed via Homebrew on macOS and distribution package managers on Linux (apt, dnf, pacman), including filters for unsigned and third-party Linux packages.
* [Installation Script](/developer-machines/installation-script.md): deployment instructions for the loader script across macOS, Windows, and Linux, including how the signed-manifest auto-update flow works.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.stepsecurity.io/dev-machine-guard/overview.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.