Introduction

Developer machines are an increasingly targeted part of the software supply chain. They store sensitive credentials such as GitHub tokens, package registry publishing credentials, SSH keys, and cloud access keys, and they routinely execute untrusted code through dependencies, IDE extensions, developer tools, and AI coding agents.

Recent supply chain attacks have shown how malicious packages, extensions, and tools can execute on developer machines, harvest credentials, and enable attackers to pivot into source repositories, package registries, and release systems, often before any code reaches CI/CD pipelines.

What is Dev Machine Guard?

Dev Machine Guard is not a traditional MDM Solution - it is a lightweight, script-based capability designed to integrate with your existing MDM or endpoint management tooling to provide visibility and control into the developer tooling ecosystem, including:

• IDE extensions and publishers (VSCode, Cursor)

• Locally installed open-source dependencies (npm, Python)

• AI coding agents and agent-driven actions

• External tools and MCP server integrations used during development

Why you need StepSecurity Dev Machine Guard

StepSecurity Dev Machine Guard is not a replacement for traditional MDMs like Kandji, Jamf, or Intune. Those tools are built for device posture, compliance, and fleet management, not for detecting or preventing supply chain attacks that originate from developer machines.

Dev Machine Guard extends your existing MDM by addressing the developer-specific attack surface. It provides the visibility and controls needed to detect risky tooling, untrusted dependencies, and malicious integrations before they become a supply chain incident.

Deployment Model

Dev Machine Guard is designed to work on top of your existing endpoint infrastructure.

StepSecurity does not deploy or require a proprietary agent. Instead, Dev Machine Guard is delivered as a lightweight script that you deploy using your existing MDM or EDR tooling.

The script runs periodically or on demand and collects telemetry required to provide visibility into developer machine activity. Collected data is securely sent to the StepSecurity platform for analysis and policy evaluation.

This approach allows organizations to extend supply chain visibility to developer machines without introducing new endpoint agents or replacing existing device management solutions.

For detailed deployment instructions and configuration options, see the Settings documentation.

This documentation explains how Dev Machine Guard works, how to deploy it using your existing MDM or EDR tooling, and how to configure visibility and policies for developer machines and AI-assisted development.

You can also follow this interactive demo to see how it works: