Home/Enterprise
For security & platform teams

Supply-chain control, on your terms.

Upwarden gives security and platform teams governance over every dependency that enters the org. Run it managed, self-hosted, or as a dedicated, isolated deployment for government and regulated environments — with SSO, full audit and explainable verdicts either way.

Sovereignty by design

Governance without telemetry

Cloud-only tools require your dependency graph to leave your network to do their job. Upwarden is a registry-replacement reverse proxy you run yourself — so control and visibility never come at the cost of sending package names, machine IDs or org names to anyone.

  • Runs inside your perimeter. Self-hosted on your infrastructure — nothing about your dependencies needs to egress.
  • Zero telemetry. No package names, machine identifiers or org names leave your network. It's a core design principle, not a setting.
  • Explainable verdicts. Every block decision carries a reason your team can audit and defend.
  • Build-safe rollout. Silent rollback means you can deploy org-wide without breaking a single pipeline.
How you run it

Three deployment models, one firewall

Choose the operating model that fits your risk profile — from a managed cloud to a fully isolated government deployment. The product and its verdicts are identical; only who runs it and where the data sits change.

Managed — Upwarden Cloud

We run it; you point your package managers at it. Multi-tenant with strict per-tenant isolation at the database row level. Upwarden sees package coordinates and the artifacts it serves — never your source. Your audit log is yours to query, and we never sell or share it.

Dedicated & isolated

For government and regulated buyers: your own isolated deployment, separate from the shared cloud, running in the infrastructure you operate so your data stays in your environment — plus cross-org SSO, IP allowlist and infinite audit retention. Fully air-gapped operation is on the roadmap.

Isolated & air-gapped deployment →

Self-hosted

Run it entirely inside your perimeter with zero telemetry — nothing about your dependencies leaves your network. The same product, your infrastructure, full sovereignty.

  • Cross-org SSO (SAML / OIDC). Federate identity across every team and tenant under one enterprise account.
  • IP allowlist & org-wide MFA. Lock the dashboard and API to known networks and require MFA across the organisation.
  • Infinite audit retention + export. Keep the complete record as long as compliance requires — queryable, and exportable for your SOC.
  • Read-only support access. When our team assists, impersonation is hard-gated read-only — our staff can look to help, never act as you, and every access is audited.
  • SLA-backed support. Response commitments and a direct line for incidents. See pricing for what sits on each tier.
Enterprise capabilities

Built for regulated, air-gapped environments

The controls security and platform teams need to make a dependency firewall a system of record — not just a gate.

Self-hosted shipped · air-gapped roadmap

Run entirely within your network with no external egress. Fully self-contained, air-gapped operation is on the enterprise roadmap.

RBAC & step-up shipped · policy-as-code roadmap

Role-based access today: a 35-capability permission system with per-tenant role overrides and step-up re-auth on sensitive operations. Programmable user-defined roles and full policy-as-code (rules in version control) are in active development.

Allow-listing & cooldown

Override specific block decisions with an audit trail, and refuse versions younger than N days (the cooldown window) to dodge freshly-published malware. Available on Team and up.

SBOM & provenance shipped

Generate per-org CycloneDX 1.5 and SPDX 2.3 SBOMs from the served set today. Scan verdicts ship signed Sigstore attestations (cosign / Fulcio / Rekor), and provenance verification is enforced at scan time. Scheduled SBOM exports and an archive are on the roadmap.

Audit trail & SIEM export shipped

A complete, queryable record of every manifest served, block, quarantine and rewrite — with actor identity (OIDC-verified where CI attribution is configured) and structured envelopes. Export to your SIEM as CSV, JSON or NDJSON at Org+, or native OCSF at Enterprise. Audit streaming to webhooks and stream targets (gzipped JSONL) is available at Org+; CEF/OCSF stream formats and a self-serve config UI are on the roadmap.

Bring your own scanner

Connect commercial or in-house scanners through a JWT-signed callback API. Their verdicts fuse into Upwarden's — detection as a platform, not a black box.

On maturity, in plain terms. The proxy core, manifest rewriting, audit trail + OCSF/CSV/JSON export, SBOM generation, signed Sigstore attestations + provenance verification, SSO, IP allowlist and the vector scanner are built and tested across all seven content-scanned ecosystems — npm, PyPI, crates.io, Go, Maven (incl. bytecode analysis), NuGet and RubyGems. A few capabilities above — air-gapped operation, the full policy-as-code / RBAC engine, and a self-serve SIEM-streaming config UI (plus CEF/OCSF stream formats) — remain on the near-term roadmap, marked accordingly. Tell us your requirements in a demo and we'll be precise about what's available today versus on the way.

Who it's for

From low-ops self-host to air-gapped governance

Small orgs

Self-host in minutes for shared protection and low ops. One firewall in front of every team's installs, no per-developer setup.

Small enterprises

Governance, audit, SSO and SBOM — inside your perimeter. Make dependency intake a controlled, reviewable process.

Large enterprises & government

Dedicated, isolated deployments with cross-org SSO, IP allowlist and infinite audit retention. SIEM-ready today, with fully air-gapped operation on the roadmap for regulated and government environments a cloud-only tool can't serve.

Talk to us

Govern your supply chain, your way

Tell us about your environment — managed, self-hosted, regulated, air-gapped or government — and we'll map Upwarden to it.