Belgian cybersecurity firm Aikido Security has launched Endpoint, a lightweight security agent designed to secure artificial intelligence use on developer workstations. The new platform aims to address supply chain attacks targeting open-source software.
Endpoint provides enterprises with visibility and control over software packages, development environments, browser extensions, and AI tools integrated into modern software development. The company highlights that developer workstations have become significant security blind spots for many organizations.
AI-driven development introduces new attack surfaces that traditional security measures have struggled to keep pace with. Aikido states Endpoint enables enterprises to securely embrace AI-native software development by offering real-time monitoring and policy enforcement, while maintaining developer flexibility. Developers can import tools and packages, with Endpoint inspecting them before installation.
"Enterprises are rolling out AI coding tools to thousands of developers with little to no visibility and control of what is really running on developer workstations," said co-founder and Chief Executive Willem Delbare. "Our approach to self-securing software builds the guardrails for this new era of development by protecting not just the code that is being shipped, but also the environment where it’s generated."
Built on Aikido's open-source malware detection system, Safe Chain, Endpoint uses a lightweight AI agent that monitors developer environments and activates before any package or extension is installed. Packages published less than 48 hours prior are automatically held, mitigating the highest-risk window for attacks.
Security teams can audit actions, gain visibility into AI tools and services running on systems, and set tailored enforcement and policy rules by team, role, or device. The company reports its threat intelligence models defend against over 100,000 weekly threats, noting a rise in supply chain attacks, particularly through insecure npm packages.